Security Affairs

JUNE 29, 2024

Infosys McCamish Systems (IMS) revealed that the 2023 data breach following the LockBit ransomware attack impacted 6 million individuals. IMS specializes in providing business process outsourcing (BPO) and information technology (IT) services specifically tailored for the insurance and financial services industries.

Data breaches 270

Data breaches e-Discovery Ransomware Insurance 270

Data Matters

FEBRUARY 10, 2021

On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. 2 announcing a Cyber Insurance Risk Framework (the Framework) that describes industry best practices for New York-regulated property/casualty insurers. Insurers should: Establish a Formal Cyber Insurance Risk Strategy.

Insurance 79

Insurance Financial Services Cybersecurity Risk 79

Thales Cloud Protection & Licensing

OCTOBER 24, 2024

New Cybersecurity Rules for Financial Institutions in New York State Take Effect November 1, 2024 madhav Fri, 10/25/2024 - 06:09 The next major deadline for compliance with the updated cybersecurity rules from the New York State Department of Financial Services (NYDFS) is November 1, 2024.

Cybersecurity 62

Cybersecurity Financial Services Encryption Compliance 62

Krebs on Security

SEPTEMBER 11, 2019

Unlike many stories here about cloud service providers being extorted by hackers for ransomware payouts , this snafu appears to have been something of an inside job. The company that handled that process for MyPayrollHR is a California firm called Cachet Financial Services.

Financial Services 279

Financial Services Cloud Insurance IT 279

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp. Since Carnival was licensed by the Department to sell insurance in NY State, it was treated as a covered entity under the Cybersecurity Regulation.

Cybersecurity 115

Cybersecurity Insurance Phishing Ransomware 115

eSecurity Planet

FEBRUARY 16, 2021

The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. A ransomware attack is about as bad as a cyber attack can get. Jump to: What is ransomware? How ransomware works. Preventing ransomware. Ransomware attacks and costs.

Ransomware 97

Ransomware Encryption Insurance Cloud 97

Security Affairs

APRIL 20, 2023

If malicious actors accessed the exposed data, the company could have faced devastating consequences and put their clients at risk, as financial services are the main target for cybercriminals. ICICI Bank’s response Threat to financial accounts Finance and insurance are one of the most targeted industries by cybercriminals.

Personal data 246

Personal data Phishing Risk Communications 246

Hunton Privacy

FEBRUARY 25, 2021

As reported on the Hunton Insurance Recovery blog , on February 4, 2021, the New York Department of Financial Services (“NYDFS”), which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No. sought coverage for expenses under its property insurance policy.

Insurance 70

Insurance Cybersecurity Risk Education 70

The Last Watchdog

SEPTEMBER 24, 2024

Online credit bureaus, like Equifax, Experian, and TransUnion, often see an uptick in new users after breaches because consumers realize the potential risks to their financial well-being and identity.

Authentication 216

Authentication IT ROT Compliance 216

Data Matters

JANUARY 28, 2022

A few days after the Advisory, Ukrainian government websites were attacked by Russian actors while the Russian government simultaneously arrested members of the notorious ransomware gang REvil. Like an incident response plan, MFA has become a critical element of cybersecurity programs.

Cybersecurity 157

Cybersecurity Financial Services Authentication Government 157

eSecurity Planet

JUNE 16, 2022

Encrypted threats spiked 167%, ransomware increased 105%, and 5.4 These new attacks affect everything from private citizens and businesses to government systems; healthcare organizations; public services; and food, water, and fuel supply chains. Ransomware. Ransomware is the fastest-growing trend. Mobile attacks.

Ransomware 145

Ransomware Cybersecurity Phishing Encryption 145

IT Governance

DECEMBER 11, 2023

suffers second ransomware attack in months Having been struck by a ransomware attack in October by the BlackSuit group , which led to operations and appointments being postponed, Akumin Inc. has suffered a second attack, this time by the BianLian ransomware group. Data breached: more than 59 million data records. Akumin Inc.

Data Privacy 97

Data Privacy Energy and Utilities Privacy Manufacturing 97

Data Matters

OCTOBER 8, 2020

individuals and businesses comply with ransomware payment demands. Ransomware attacks use malware, often injected through phishing schemes, to encrypt a victim’s data files or programs, followed by a ransom demand by the threat actor that offers the decryption key in exchange for payment. sanctions law violations if U.S.

Ransomware 68

Ransomware Compliance Risk Government 68

Hunton Privacy

NOVEMBER 8, 2023

On November 1, 2023, New York Governor Hochul announced that the New York State Department of Financial Services (“NYDFS”) amended its Cybersecurity Regulation applicable to covered financial institutions. Our previous blog post covered key proposed changes to the Cyber Regulation.

Cybersecurity 72

Cybersecurity Compliance IT Financial Services 72

IBM Big Data Hub

MARCH 20, 2024

Organizations in the financial services, healthcare and other regulated sectors must place an even greater focus on managing risk—not only to meet compliance requirements, but also to maintain customer confidence and trust. Read to learn more about cloud adoption within financial services?

Cloud 72

Cloud Financial Services Risk Business Services 72

Data Protection Report

JANUARY 30, 2023

employment opportunities; f. financial or lending services; g. health-care services; h. housing; or i. insurance.

Privacy 115

Privacy Cybersecurity Personal data Insurance 115

IT Governance

NOVEMBER 13, 2023

On 14 September, Mulkay discovered that the compromised files contained personal information, including “name, address, date of birth, Social Security number, driver’s license number or state ID, medical treatment information, and health insurance information”. Records breached: 79,582 Ontario hospitals update: information relating to 5.6

Data Privacy 74

Data Privacy Privacy Security Data breaches 74

KnowBe4

MARCH 28, 2023

This enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more. I've written quite a few times about specific cyber insurance claim cases that required going to court to settle. Don't get caught in a phishing net! Learn how to avoid having your end users take the bait.

Phishing 105

Phishing Security awareness Insurance Cybersecurity 105

Data Protection Report

OCTOBER 23, 2024

The regulation includes elements of both the Health Insurance Portability and Accountability Act (HIPAA) and the New York Department of Financial Services (NYDFS) cybersecurity regulation.

Cybersecurity 45

Cybersecurity Risk Access Financial Services 45

Data Matters

JUNE 24, 2021

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. See CF Disclosure Guidance: Topic No. 2, Cybersecurity (Oct. 14, 2011). 15, 2020).

Cybersecurity 68

Cybersecurity Financial Services Risk Compliance 68

KnowBe4

JUNE 20, 2023

Overall, the use of stolen credentials is the overwhelming leader in data breaches, being involved in nearly 45% of breaches – this is more than double the second-place spot of "Other" (which includes a number of types of threat actions) and ransomware, which sits at around 20% of data breaches.

Data breaches 103

Data breaches Phishing Security awareness Ransomware 103

eSecurity Planet

JANUARY 11, 2022

With robust encryption policies, Evervault can help reduce insurance premiums and offers PCI-DSS and HIPAA compliance automation. Read more: Application Security is Key to Stopping Ransomware, Vendor Says. Endpoint Security and Protection Against Ransomware. Also read: Top Code Debugging and Code Security Tools. Cowbell Cyber.

Cybersecurity 142

Cybersecurity Cloud Compliance Analytics 142

IT Governance

MARCH 11, 2024

Source (New) Finance USA Yes 3,494 Woodruff Sawyer Source (New) Insurance USA Yes 3,087 Blackburn College Source (New) Education USA Yes 3,039 CAIRE Inc. million last year, roughly a quarter of which was the due to the ransomware attack it suffered in March 2023.

Data Privacy 78

Data Privacy Privacy Security Data breaches 78

IT Governance

FEBRUARY 21, 2024

ALPHV/BlackCat ransomware gang adds 2.7 TB of ASA Electronics data to its leak site The ALPHV/BlackCat ransomware gang is attempting to extort a ransom from ASA Electronics for 2.7 Welfare Benefits Plan Source 1 ; source 2 New Healthcare USA Yes 13,079 Insurance ACE/Humana Inc. Date breached: 384,658,212 records.

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

IT Governance

JANUARY 23, 2024

Source (New) Real estate USA Yes 46,906 Hampton-Newport News Community Services Board Source 1 ; source 2 ; source 3 (New) Healthcare USA Yes 44,312 Air Methods Source 1 ; source 2 (New) Healthcare USA Yes 34,016 GREYHOURS Source (New) Retail France Yes 18,700 Groveport Madison Schools Source 1 ; source 2 ; source 3 (Update) Education USA Yes 15.5

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

KnowBe4

FEBRUARY 14, 2023

By Javvad Malik Insurance provider Hiscox has published its fifth annual cyber readiness report, which has some eye-opening statistics. The reports show that ransomware incidents have increased from 17% to 19%, often spread through phishing emails and malware. businesses.

Phishing 98

Phishing Security awareness Compliance Security 98

DLA Piper Privacy Matters

JULY 30, 2019

Some states – such as Alabama, Massachusetts and New York (for financial services companies) – prescribe particular requirements of a “reasonable” cybersecurity program. At least nine states expressly extend these requirements to service providers. Proof of adequate cyber insurance coverage.

Data breaches 45

Data breaches Cybersecurity Financial Services Risk 45

Data Matters

APRIL 23, 2018

Board-management discussions about cyber risk should include identification of which risks to avoid, which to accept, and which to mitigate or transfer through insurance, as well as specific plans associated with each approach. Principle 5.

Cybersecurity 60

Cybersecurity Risk Passwords Authentication 60

eSecurity Planet

MAY 11, 2023

I am very surprised that the cyber insurance industry has not required zero trust architecture already, but perhaps the $1.4 Also read: Building a Ransomware Resilient Architecture What All This Means From my vantage point (semi-retired and with lots of time to think, I might add) all this means that one of two things needs to happen.

Cloud 110

Cloud IT Insurance Authentication 110

KnowBe4

MAY 31, 2023

That's right – the financial services industry, at least according to cybersecurity vendor Armorblox's 2023 Email Security Threat Report. According to the report, the financial services industry as a target has increased by 72% over 2022 and was the single largest target of financial fraud attacks, representing 49% of all such attacks.

Phishing 104

Phishing File names Security awareness Risk 104

IT Governance

APRIL 29, 2024

Known data breached Discord (via Spy.pet) Source (New) IT services USA Yes 4,186,879,104 Baidu, Inc.,

Data Privacy 91

Data Privacy Privacy Manufacturing Security 91

Krebs on Security

NOVEMBER 14, 2024

for stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. Shefel claims his Sugar ransomware affiliate program was a bust, and never generated any profits. Sugar Locker), which targeted single computers and end-users instead of corporations.

Retail 258

Retail Ransomware Marketing Healthcare 258

eSecurity Planet

JUNE 1, 2021

” Lookout data indicates that about 15 percent of financial services employees encountered a mobile phishing attempt each quarter in 2020. ” Further reading: Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs. . … Attacks are more difficult to spot on mobile. Awareness, Training are Key.

Phishing 71

Phishing Cybersecurity Government Authentication 71