Thales Cloud Protection & Licensing

OCTOBER 14, 2024

2024 Thales Global Data Threat Report: Trends in Financial Services madhav Tue, 10/15/2024 - 05:17 Financial services (FinServ) firms are key players in the global economy. Looking at FinServ firms’ top threats, ransomware attacks against this sector continue to grow, with 18% saying they had suffered an attack.

Financial Services 62

Financial Services Cloud Compliance Authentication 62

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp. Since Carnival was licensed by the Department to sell insurance in NY State, it was treated as a covered entity under the Cybersecurity Regulation.

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

eSecurity Planet

FEBRUARY 16, 2021

The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. A ransomware attack is about as bad as a cyber attack can get. Jump to: What is ransomware? How ransomware works. Preventing ransomware. Ransomware attacks and costs.

Ransomware 97

Ransomware Encryption Insurance Cloud 97

Security Affairs

AUGUST 20, 2024

In December 2023, Toyota Financial Services (TFS) warned customers it had suffered a data breach that exposed sensitive personal and financial data. Toyota Financial Services (TFS) is the finance arm of the Toyota Motor Corporation.

Data breaches 119

Data breaches Financial Services Archiving Passwords 119

Hunton Privacy

FEBRUARY 25, 2021

As reported on the Hunton Insurance Recovery blog , on February 4, 2021, the New York Department of Financial Services (“NYDFS”), which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No. sought coverage for expenses under its property insurance policy.

Insurance 70

Insurance Cybersecurity Risk Education 70

The Last Watchdog

SEPTEMBER 24, 2024

Online credit bureaus, like Equifax, Experian, and TransUnion, often see an uptick in new users after breaches because consumers realize the potential risks to their financial well-being and identity.

Authentication 216

Authentication IT ROT Compliance 216

Data Matters

JANUARY 28, 2022

A few days after the Advisory, Ukrainian government websites were attacked by Russian actors while the Russian government simultaneously arrested members of the notorious ransomware gang REvil. Like an incident response plan, MFA has become a critical element of cybersecurity programs.

Cybersecurity 157

Cybersecurity Financial Services Authentication Government 157

Security Affairs

JUNE 29, 2024

Infosys McCamish Systems (IMS) revealed that the 2023 data breach following the LockBit ransomware attack impacted 6 million individuals. IMS specializes in providing business process outsourcing (BPO) and information technology (IT) services specifically tailored for the insurance and financial services industries.

Data breaches 108

Data breaches e-Discovery Ransomware Insurance 108

Krebs on Security

NOVEMBER 14, 2024

for stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. Shefel claims his Sugar ransomware affiliate program was a bust, and never generated any profits. Sugar Locker), which targeted single computers and end-users instead of corporations.

Retail 234

Retail Ransomware Marketing Healthcare 234

eSecurity Planet

JUNE 16, 2022

Encrypted threats spiked 167%, ransomware increased 105%, and 5.4 These new attacks affect everything from private citizens and businesses to government systems; healthcare organizations; public services; and food, water, and fuel supply chains. Ransomware. Ransomware is the fastest-growing trend. Mobile attacks.

Ransomware 142

Ransomware Cybersecurity Phishing Encryption 142

Data Matters

OCTOBER 8, 2020

individuals and businesses comply with ransomware payment demands. Ransomware attacks use malware, often injected through phishing schemes, to encrypt a victim’s data files or programs, followed by a ransom demand by the threat actor that offers the decryption key in exchange for payment. sanctions law violations if U.S.

Ransomware 68

Ransomware Compliance Risk Government 68

Hunton Privacy

NOVEMBER 8, 2023

On November 1, 2023, New York Governor Hochul announced that the New York State Department of Financial Services (“NYDFS”) amended its Cybersecurity Regulation applicable to covered financial institutions. Our previous blog post covered key proposed changes to the Cyber Regulation.

Cybersecurity 72

Cybersecurity Compliance IT Financial Services 72

Thales Cloud Protection & Licensing

OCTOBER 24, 2024

New Cybersecurity Rules for Financial Institutions in New York State Take Effect November 1, 2024 madhav Fri, 10/25/2024 - 06:09 The next major deadline for compliance with the updated cybersecurity rules from the New York State Department of Financial Services (NYDFS) is November 1, 2024.

Cybersecurity 62

Cybersecurity Financial Services Encryption Compliance 62

Data Protection Report

JANUARY 30, 2023

employment opportunities; f. financial or lending services; g. health-care services; h. housing; or i. insurance.

Privacy 115

Privacy Cybersecurity Personal data Insurance 115

IT Governance

NOVEMBER 13, 2023

On 14 September, Mulkay discovered that the compromised files contained personal information, including “name, address, date of birth, Social Security number, driver’s license number or state ID, medical treatment information, and health insurance information”. Records breached: 79,582 Ontario hospitals update: information relating to 5.6

Data Privacy 66

Data Privacy Privacy Security Data breaches 66

Data Matters

JUNE 24, 2021

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. See CF Disclosure Guidance: Topic No. 2, Cybersecurity (Oct. 14, 2011). 15, 2020).

Cybersecurity 68

Cybersecurity Financial Services Risk Compliance 68

Security Affairs

APRIL 20, 2023

If malicious actors accessed the exposed data, the company could have faced devastating consequences and put their clients at risk, as financial services are the main target for cybercriminals. ICICI Bank’s response Threat to financial accounts Finance and insurance are one of the most targeted industries by cybercriminals.

Personal data 98

Personal data Phishing Risk Communications 98

KnowBe4

MARCH 28, 2023

This enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more. I've written quite a few times about specific cyber insurance claim cases that required going to court to settle. Don't get caught in a phishing net! Learn how to avoid having your end users take the bait.

Phishing 88

Phishing Security awareness Insurance Cybersecurity 88

KnowBe4

JUNE 20, 2023

Overall, the use of stolen credentials is the overwhelming leader in data breaches, being involved in nearly 45% of breaches – this is more than double the second-place spot of "Other" (which includes a number of types of threat actions) and ransomware, which sits at around 20% of data breaches.

Data breaches 77

Data breaches Phishing Security awareness Ransomware 77

Data Protection Report

OCTOBER 23, 2024

The regulation includes elements of both the Health Insurance Portability and Accountability Act (HIPAA) and the New York Department of Financial Services (NYDFS) cybersecurity regulation.

Cybersecurity 45

Cybersecurity Risk Access Financial Services 45

KnowBe4

FEBRUARY 14, 2023

By Javvad Malik Insurance provider Hiscox has published its fifth annual cyber readiness report, which has some eye-opening statistics. The reports show that ransomware incidents have increased from 17% to 19%, often spread through phishing emails and malware. businesses.

Phishing 83

Phishing Security awareness Compliance Risk 83

DLA Piper Privacy Matters

JULY 30, 2019

Some states – such as Alabama, Massachusetts and New York (for financial services companies) – prescribe particular requirements of a “reasonable” cybersecurity program. At least nine states expressly extend these requirements to service providers. Proof of adequate cyber insurance coverage.

Data breaches 45

Data breaches Cybersecurity Financial Services Risk 45

Data Matters

APRIL 23, 2018

Board-management discussions about cyber risk should include identification of which risks to avoid, which to accept, and which to mitigate or transfer through insurance, as well as specific plans associated with each approach. Principle 5.

Cybersecurity 60

Cybersecurity Risk Passwords Authentication 60

eSecurity Planet

JANUARY 11, 2022

With robust encryption policies, Evervault can help reduce insurance premiums and offers PCI-DSS and HIPAA compliance automation. Read more: Application Security is Key to Stopping Ransomware, Vendor Says. Endpoint Security and Protection Against Ransomware. Also read: Top Code Debugging and Code Security Tools. Cowbell Cyber.

Cybersecurity 142

Cybersecurity Cloud Compliance Analytics 142

eSecurity Planet

MAY 11, 2023

I am very surprised that the cyber insurance industry has not required zero trust architecture already, but perhaps the $1.4 Also read: Building a Ransomware Resilient Architecture What All This Means From my vantage point (semi-retired and with lots of time to think, I might add) all this means that one of two things needs to happen.

Cloud 101

Cloud IT Insurance Authentication 101

IT Governance

DECEMBER 11, 2023

suffers second ransomware attack in months Having been struck by a ransomware attack in October by the BlackSuit group , which led to operations and appointments being postponed, Akumin Inc. has suffered a second attack, this time by the BianLian ransomware group. Data breached: more than 59 million data records. Akumin Inc.

Data Privacy 89

Data Privacy Energy and Utilities Privacy Manufacturing 89

IBM Big Data Hub

MARCH 20, 2024

Organizations in the financial services, healthcare and other regulated sectors must place an even greater focus on managing risk—not only to meet compliance requirements, but also to maintain customer confidence and trust. Read to learn more about cloud adoption within financial services?

Cloud 72

Cloud Financial Services Risk Business Services 72

KnowBe4

MAY 31, 2023

That's right – the financial services industry, at least according to cybersecurity vendor Armorblox's 2023 Email Security Threat Report. According to the report, the financial services industry as a target has increased by 72% over 2022 and was the single largest target of financial fraud attacks, representing 49% of all such attacks.

Phishing 80

Phishing File names Security awareness Risk 80

IT Governance

JANUARY 23, 2024

Source (New) Real estate USA Yes 46,906 Hampton-Newport News Community Services Board Source 1 ; source 2 ; source 3 (New) Healthcare USA Yes 44,312 Air Methods Source 1 ; source 2 (New) Healthcare USA Yes 34,016 GREYHOURS Source (New) Retail France Yes 18,700 Groveport Madison Schools Source 1 ; source 2 ; source 3 (Update) Education USA Yes 15.5

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

IT Governance

FEBRUARY 21, 2024

ALPHV/BlackCat ransomware gang adds 2.7 TB of ASA Electronics data to its leak site The ALPHV/BlackCat ransomware gang is attempting to extort a ransom from ASA Electronics for 2.7 Welfare Benefits Plan Source 1 ; source 2 New Healthcare USA Yes 13,079 Insurance ACE/Humana Inc. Date breached: 384,658,212 records.

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

IT Governance

MARCH 11, 2024

Source (New) Finance USA Yes 3,494 Woodruff Sawyer Source (New) Insurance USA Yes 3,087 Blackburn College Source (New) Education USA Yes 3,039 CAIRE Inc. million last year, roughly a quarter of which was the due to the ransomware attack it suffered in March 2023.

Data Privacy 69

Data Privacy Privacy Security Data breaches 69

IT Governance

APRIL 29, 2024

Known data breached Discord (via Spy.pet) Source (New) IT services USA Yes 4,186,879,104 Baidu, Inc.,

Data Privacy 82

Data Privacy Privacy Manufacturing Security 82

eSecurity Planet

JUNE 1, 2021

” Lookout data indicates that about 15 percent of financial services employees encountered a mobile phishing attempt each quarter in 2020. ” Further reading: Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs. . … Attacks are more difficult to spot on mobile. Awareness, Training are Key.

Phishing 71

Phishing Cybersecurity Government Authentication 71