Information Security, Insurance and Manufacturing

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

Security Affairs

JANUARY 6, 2024

Merck has resolved a dispute with insurers regarding a $1.4 Merck and its insurers have agreed with a $1.4 It is one of the largest pharmaceutical companies globally, engaged in the research, development, manufacturing, and marketing of a wide range of healthcare products. billion claim against the insurers.

Insurance

Insurance Healthcare Manufacturing Ransomware

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Security Affairs

APRIL 16, 2024

Nexperia is a semiconductor manufacturer headquartered in Nijmegen, the Netherlands. Gb - NDA The group published a set of files as proof of the security breach and threatens leak all the stolen data if the victim will not pay the ransom. It is a subsidiary of the partially state-owned Chinese company Wingtech Technology.

Ransomware

Ransomware Manufacturing Insurance Cybersecurity

Ransomware attacks break records in 2023: the number of victims rose by 128%

Security Affairs

JANUARY 19, 2024

This group primarily focused its attacks on the construction, manufacturing/industrial, and retail industries. The data shows a shift in ransomware targets over the past three years. Previously dominated by the construction industry, the IT sector now claims the top spot in 2023.

Ransomware

Ransomware Manufacturing Retail Insurance

Webinars

How to Achieve High-Accuracy Results When Using LLMs

Maximizing Profit and Productivity: The New Era of AI-Powered Accounting

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

McLaren Health Care revealed that a data breach impacted 2.2 million people

Security Affairs

NOVEMBER 10, 2023

Exposed information varied by individual and may include some combination of certain individuals’ names, social Security number, health insurance information, date of birth, and medical information. ” reads the notice of data breach sent to the Maine Attorney General.

Data breaches

Data breaches Ransomware Insurance Manufacturing

Ransomware infected systems at Xchanging, a DXC subsidiary

Security Affairs

JULY 6, 2020

Xchanging is a business process and technology services provider and integrator, which provides technology-enabled business services to the commercial insurance industry. Xchanging is primarily an insurance managed services business that operates on a standalone basis.”

Ransomware

Ransomware Insurance Financial Services Manufacturing

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs

MAY 12, 2024

In December 2023, Elliptic and Corvus Insurance published a joint research that revealed the group accumulated at least $107 million in Bitcoin ransom payments since early 2022. Most of the victims are in the manufacturing, engineering and construction, and retail sectors. ” reads the CSA. The average ransom payment was $1.2

Ransomware

Ransomware Blockchain Retail Insurance

Belden discloses data breach as a result of a cyber attack

Security Affairs

NOVEMBER 25, 2020

Belden, the manufacturer of networking and cable products, disclosed a data breach, threat actors have stolen employee and business information. The company said the breach did not impact operations at manufacturing plants, quality control or shipping, it added that attackers only had access to a “limited number” of company servers.

Data breaches

Data breaches Manufacturing Insurance Access

Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform

Security Affairs

OCTOBER 4, 2023

Researchers from the cybersecurity firm Menlo Security reported that threat actors exploited an open redirection vulnerability in the job search platform Indeed in phishing attacks. The campaign was observed between July and August, threat actors used the phishing kit ‘ EvilProxy.’

Phishing

Phishing Insurance Manufacturing Authentication

Trojanized Comm100 Live Chat app installer distributed a JavaScript backdoor

Security Affairs

OCTOBER 4, 2022

The malicious installer was used to infect organizations in multiple sectors, including the industrial, healthcare, technology, manufacturing, insurance and telecommunications sectors in North America and Europe. The attack took place from at least September 27, 2022 through the morning of September 29, 2022.

Metadata

Metadata Insurance Manufacturing Communications

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

.” PIONEER KITTEN hackers to date have focused their attacks against entities in North American and Israeli, while targeted sectors include technology, government, defense, healthcare, aviation, media, academic, engineering, consulting and professional services, chemical, manufacturing, financial services, insurance, and retail. .

Access

Access Financial Services Retail Insurance

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Security Affairs

DECEMBER 1, 2023

A joint research by Elliptic and Corvus Insurance revealed that the group accumulated at least $107 million in Bitcoin ransom payments since early 2022. ” Most of the victims are in the manufacturing, engineering and construction, and retail sectors. The average ransom payment was $1.2 61,9% of the victims are in the US, 15.8%

Ransomware

Ransomware Blockchain Retail Insurance

US. rail and locomotive company Wabtec hit with Lockbit ransomware

Security Affairs

JANUARY 4, 2023

It manufactures products for locomotives, freight cars and passenger transit vehicles, and builds new locomotives up to 6,000 horsepower. rail and locomotive company Wabtec Corporation disclosed a data breach after it was hit with Lockbit ransomware attack. The company employs approximately 25,000 people and has 50 plants all over the world.

Ransomware

Ransomware Insurance Data breaches Manufacturing

Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum

Security Affairs

AUGUST 20, 2024

ZeroSevenGroup extracted a huge quantity of information from Toyota’s environments, including network information and credentials, “We have hacked a branch in United States to one of the biggest automotive manufacturer in the world (TOYOTA). We are really glad to share the files with you here for free.

Data breaches

Data breaches Financial Services Archiving Passwords

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

Security Affairs

FEBRUARY 28, 2024

BlackCat/ALPHV ransomware gang has been active since November 2021, the list of its victims is long and includes industrial explosives manufacturer SOLAR INDUSTRIES INDIA , the US defense contractor NJVC , gas pipeline Creos Luxembourg S.A. , the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware

Ransomware Government Insurance Manufacturing

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

In the video, the REvil representative stated that the most desirable targets for the group were agriculture companies, manufacturers, insurance firms, and law firms. The REvil actor claimed that on average roughly one in three of its victims agrees to pay an extortion fee.

Security

Security Ransomware Agriculture Cybersecurity

CrowdStrike: Lessons on the Importance of Contracts, Insurance and Business Continuity

IT Governance

JULY 30, 2024

According to Parametrix , an insurance company specialising in Cloud outages, cyber insurance policies likely cover up to 10–20% of losses only. To find out more about what we can learn from the event, and protect ourselves from ‘Strike 2’, we talked to our information security manager, Adam Seamons. of its share price.

Insurance

Insurance Risk Encryption Manufacturing

A massive phishing campaign using QR codes targets the energy sector

Security Affairs

AUGUST 16, 2023

Other top 4 targeted industries include Manufacturing, Insurance, Technology, and Financial Services seeing 15%, 9%, 7%, and 6% of the campaign traffic respectively.” Experts warn that the Energy sector was a major focus of this campaign, followed by manufacturing, and insurance. ” continues the report.

Phishing

Phishing Energy and Utilities Insurance Manufacturing

Nice Suzuki, sport: shame dealer left your data up for grabs

Security Affairs

JULY 21, 2023

Cybernews research team discovered that two Suzuki-authorized dealer websites were leaking customers’ sensitive information. Suzuki or otherwise, buying a new vehicle is an intense experience with complicated credit, insurance, documentation, and contracts. Rarely do car manufacturers sell their cars directly.

Manufacturing

Manufacturing Phishing Access Insurance

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

According to the notice published on the website of the OAG on August 07, 2023, exposed personal information includes names, addresses, social security information, health information, and health insurance information. The Dallas City Council has approved a budget of $8.5

Ransomware

Ransomware Encryption Systems administration Cybersecurity

US CISA and FBI publish joint alert on DarkSide ransomware

Security Affairs

MAY 13, 2021

US agencies warn that groups employed DarkSide ransomware in attacks aimed at organizations across various Critical Infrastructure sectors, including manufacturing, legal, insurance, healthcare, and energy. “Our goal is to make money, and not creating problems for society,” reads a statement from the group.

Ransomware

Ransomware Phishing Risk Encryption

Luxottica data breach exposes info of LensCrafters and EyeMed patients

Security Affairs

NOVEMBER 8, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. For some patients, exposed information included credit card numbers and social security numbers.

Data breaches

Data breaches Insurance Ransomware Retail

US pharmacy outage caused by Blackcat ransomware attack on Optum Solutions

Security Affairs

FEBRUARY 27, 2024

Optum Solutions is a subsidiary of UnitedHealth Group, a leading health insurance company in the United States. “On February 21, 2024, UnitedHealth Group (the “Company”) identified a suspected nation-state associated cyber security threat actor had gained access to some of the Change Healthcare information technology systems.

Ransomware

Ransomware Government Insurance Manufacturing

Prometei botnet is targeting ProxyLogon Microsoft Exchange flaws

Security Affairs

APRIL 26, 2021

Prometei has been observed to be active in systems across a variety of industries, including: Finance, Insurance, Retail, Manufacturing, Utilities, Travel, and Construction.” . “The victimology is quite random and opportunistic rather than highly targeted, which makes it even more dangerous and widespread.

Mining

Mining Retail Insurance Manufacturing

New RA Group ransomware gang is the latest group using leaked Babuk source code

Security Affairs

MAY 15, 2023

Compromised organizations operate in different business verticals, including manufacturing, wealth management, insurance providers, and pharmaceuticals. The researchers noticed that the path contains the same mutex name as the Babuk ransomware, a circumstance that suggests the malware borrows Babuk’s leaked source code.

Ransomware

Ransomware Encryption Healthcare Insurance

The Top 5 Reasons to Use an API Management Platform

Security Affairs

NOVEMBER 20, 2023

Over the course of his 20+ years of IT and Security, Ross has served in a variety of operations and infosec roles for companies in the manufacturing, healthcare, real estate, business insurance, and technology sectors. He holds (ISC)2’s SSCP along with CompTIA’s Pentest+ and Security+ certifications, a B.S.

Authentication

Authentication Risk Government Security

Multinational ICICI Bank leaks passports and credit card numbers

Security Affairs

APRIL 20, 2023

ICICI Bank’s response Threat to financial accounts Finance and insurance are one of the most targeted industries by cybercriminals. Last year, with a total share of 18% of all cyberattacks, it was the second most targeted industry, following manufacturing.

Personal data

Personal data Phishing Risk Communications

Researchers shared the lists of victims of SolarWinds hack

Security Affairs

DECEMBER 22, 2020

Fidelity Communications (ISP) NetBios HTTP Backdoor 2020-06-02 fisherbartoninc.com The Fisher Barton Group (Blade Manufacturer) NetBios HTTP Backdoor 2020-05-15 fmtn.ad TE Connectivity (Sensor manufacturer) NetBios HTTP Backdoor 2020-05-13 thx8xb NetBios HTTP Backdoor 2020-06-16 tx.org NetBios HTTP Backdoor 2020-07-15 usd373.org

Communications

Communications Manufacturing Financial Services Security

Cybersecurity Incident Highlights Questions about Cyber Insurance Coverage

Hunton Privacy

OCTOBER 14, 2014

On October 8, 2014, the Department of Homeland Security reported that over the course of several months, the network of a large critical manufacturing company was compromised. The incident raises some issues for cyber insurance.

Insurance

Insurance Cybersecurity Manufacturing Information Security

Episode 158: How NotPetya has Insurers grappling with Systemic Cyber Risk

The Security Ledger

AUGUST 20, 2019

We talk to Bruce McDonnell of the East West Institute about how insurers are responding. Related Stories Episode 155: Disinformation is a Cyber Weapon and APTs warm to Mobile Malware Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats NotPetya Horror Story Highlights Need for Holistic Security.

Insurance

Insurance Risk Healthcare Manufacturing

SSL Bugs Likely to Have Insurance Coverage Implications

Hunton Privacy

FEBRUARY 28, 2014

Hunton & Williams Insurance Litigation & Counseling partner Lon Berk reports: The recently publicized Secure Sockets Layer (“SSL”) bug affecting Apple Inc. products raises a question regarding insurance coverage that is likely to become increasingly relevant as “The Internet of Things” expands.

Insurance

Insurance Manufacturing Risk Security

The hidden threats facing your intellectual property

IT Governance

SEPTEMBER 4, 2018

For life sciences and pharmaceutical companies, this includes data on the development and testing of new therapies and details of how therapies are manufactured. Last year, private healthcare giant BUPA suffered a breach affecting 108,000 health insurance policies when a rogue employee copied and removed information from the organisation.

Healthcare

Healthcare Insurance Manufacturing Risk

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

IT Governance

MARCH 1, 2022

In the midst of all this, organisations across Europe have reported delays as a result of alleged state-sponsored attacks – including Toyota’s Japanese plants and a kettle manufacturer in the Isle of Man.

Data breaches

Data breaches Ransomware Government Blockchain

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

Source (New) Transport USA Yes 3,815 Okta Source 1 ; source 2 (Update) Cyber security USA Yes 3,800 Shah Dixit & Associates, P.C. Source (New) Finance USA Yes 3,494 Woodruff Sawyer Source (New) Insurance USA Yes 3,087 Blackburn College Source (New) Education USA Yes 3,039 CAIRE Inc. Organisation(s) Sector Location Data breached?

Data Privacy

Data Privacy Privacy Security Data breaches

The Week in Cyber Security and Data Privacy: 16–22 October 2023

IT Governance

OCTOBER 24, 2023

D-Link Corporation Provides Details about an Information Disclosure Security Incident Date of breach: 2 October 2023. Breached organisation: D-Link Corporation, Taiwanese networking equipment manufacturer. Casio Issues Apology and Notice Concerning Personal Information Leak Date of breach: 11 October 2023.

Data Privacy

Data Privacy Privacy Security Data breaches

List of Data Breaches and Cyber Attacks in February 2023 – 29.5 Million Records Breached

IT Governance

MARCH 1, 2023

IT Governance is dedicated to helping organisations tackle the threat of cyber crime and other information security weaknesses. It follows a mammoth start to the year, with more than 277 million breached records in January , and brings the running total for the year to over 300 million pieces of compromised personal data.

Data breaches

Data breaches Ransomware e-Delivery Government

Government survey reveals GDPR awareness is falling short

IT Governance

FEBRUARY 8, 2018

Of the businesses surveyed, those in the finance and insurance industries had the highest levels of awareness (79%), followed by information and communications (67%) and education (52%). The industries with the least awareness were construction (25%) and production and manufacturing (27%). Are your staff aware of the GDPR?

GDPR

GDPR Government Education Compliance

NHTSA Releases New Automobile Cybersecurity Best Practices

Hunton Privacy

OCTOBER 28, 2016

The National Highway Safety Administration (“NHTSA”) recently issued non-binding guidance that outlines best practices for automobile manufacturers to address automobile cybersecurity. According to the NHTSA, the Cybersecurity Guidance is “non-binding guidance” that contains “voluntary best practices” to improve motor vehicle cybersecurity.

Cybersecurity

Cybersecurity Energy and Utilities Manufacturing Insurance

China: Navigating China episode 18: Increased scrutiny over connected car and automobile industry data from Chinese regulators, including push towards data localisation

DLA Piper Privacy Matters

JUNE 4, 2021

This is a reminder for the automobile industry – and its supporting industries and insurers – to ensure a robust compliance framework to protect that data, and to reconsider processing of such data outside of China.

Personal data

Personal data Compliance Big data Insurance

China Publishes Draft Regulations on Protecting the Security of Key Information Infrastructure

Hunton Privacy

JULY 11, 2017

To be counted as “key information infrastructure,” however, the infrastructure must still meet the criterion that severe endangerment of national security, the national economy and the people’s livelihood and the public interest would result if the infrastructure suffers destruction, loss of functionality or leakage of data.

Energy and Utilities

Energy and Utilities Security Cybersecurity Manufacturing

Forescout Platform: NAC Product Review

eSecurity Planet

APRIL 7, 2023

combinations Enables automated response to quickly and effectively contain threats based upon policy from moderate (move to guest network, assign to self-remediation VLAN, apply OS updates/patches, etc.) to stringent (quarantine assets, turn off switch port, block access, disable network card, etc.)

IoT

IoT Compliance Access Cloud

Top GRC Tools & Software for 2021

eSecurity Planet

JANUARY 21, 2021

The Riskonnect GRC platform has specific use cases for risk management, information security, compliance, and audit professionals in healthcare, retail, insurance, financial services, and manufacturing. Insurance & claims management. See our in-depth look at LogicManager. Riskonnect. Back to top. Back to top.

Compliance

Compliance Risk Government Retail

FTC Publishes Red Flags Rule Compliance Guide; Confirms Broad Interpretation of the Rule

Hunton Privacy

APRIL 3, 2009

This definition of “creditor” may encompass any “invoice billing” arrangements, including those often utilized by law firms, doctors, manufacturers, utility companies and myriad other businesses that do not require immediate payment for their products or services.

Compliance

Compliance Retail Insurance Manufacturing

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

The Riskonnect GRC platform has specific use cases for risk management, information security, compliance, and audit professionals in healthcare, retail, insurance, financial services, and manufacturing. Insurance & claims management. See our in-depth look at LogicManager. Riskonnect. Back to top. Back to top.

Compliance

Compliance Risk Government Retail

OCR Provides Insight into Enforcement Priorities and Breach Trends

HL Chronicle of Data Protection

OCTOBER 21, 2019

Regulators, industry experts, and researchers provided insight into health privacy and security enforcement trends, emerging threats, and new tools at a recent conference focused on the Health Insurance Portability and Accountability (HIPAA) regulatory framework.

Risk

Risk Privacy Compliance Access

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Webinars

Trending Sources

Ransomware attacks break records in 2023: the number of victims rose by 128%

Webinars

McLaren Health Care revealed that a data breach impacted 2.2 million people

Ransomware infected systems at Xchanging, a DXC subsidiary

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Belden discloses data breach as a result of a cyber attack

Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform

Trojanized Comm100 Live Chat app installer distributed a JavaScript backdoor

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

US. rail and locomotive company Wabtec hit with Lockbit ransomware

Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

CrowdStrike: Lessons on the Importance of Contracts, Insurance and Business Continuity

A massive phishing campaign using QR codes targets the energy sector

Nice Suzuki, sport: shame dealer left your data up for grabs

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

US CISA and FBI publish joint alert on DarkSide ransomware

Luxottica data breach exposes info of LensCrafters and EyeMed patients

US pharmacy outage caused by Blackcat ransomware attack on Optum Solutions

Prometei botnet is targeting ProxyLogon Microsoft Exchange flaws

New RA Group ransomware gang is the latest group using leaked Babuk source code

The Top 5 Reasons to Use an API Management Platform

Multinational ICICI Bank leaks passports and credit card numbers

Researchers shared the lists of victims of SolarWinds hack

Cybersecurity Incident Highlights Questions about Cyber Insurance Coverage

Episode 158: How NotPetya has Insurers grappling with Systemic Cyber Risk

SSL Bugs Likely to Have Insurance Coverage Implications

The hidden threats facing your intellectual property

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

The Week in Cyber Security and Data Privacy: 16–22 October 2023

List of Data Breaches and Cyber Attacks in February 2023 – 29.5 Million Records Breached

Government survey reveals GDPR awareness is falling short

NHTSA Releases New Automobile Cybersecurity Best Practices

China: Navigating China episode 18: Increased scrutiny over connected car and automobile industry data from Chinese regulators, including push towards data localisation

China Publishes Draft Regulations on Protecting the Security of Key Information Infrastructure

Forescout Platform: NAC Product Review

Top GRC Tools & Software for 2021

FTC Publishes Red Flags Rule Compliance Guide; Confirms Broad Interpretation of the Rule

Top 10 Governance, Risk and Compliance (GRC) Vendors

OCR Provides Insight into Enforcement Priorities and Breach Trends

Stay Connected