IT Governance

JULY 31, 2019

Croatian government targeted by mysterious hackers (unknown). Philadelphia Federal Credit Union confirms security breach (unknown). State-sponsored hackers breach Greece’s top-level domain registrar (unknown). University of Alabama discovers 10-year-old account breach (1,400). Data breaches.

Data breaches 111

Data breaches Ransomware Personal data Government 111

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

Data Matters

JUNE 5, 2018

Section 213 of the Act authorizes insured depository institutions and insured credit unions (and their respective affiliates) to accept, in connection with an individual consumer’s request to open an account or obtain a service, a scanned driver’s license or identification card issued by a state or local government.

Financial Services 68

Financial Services Insurance Privacy Authentication 68

erwin

DECEMBER 20, 2018

The driving factors behind data governance adoption vary. Whether implemented as preventative measures (risk management and regulation) or proactive endeavors (value creation and ROI), the benefits of a data governance initiative is becoming more apparent. Defining Data Governance. to Data Governance 2.0

Government 40

Government Financial Services GDPR Data breaches 40

Thales Cloud Protection & Licensing

NOVEMBER 20, 2023

Data breaches in the retail sector illustrate the vulnerabilities inherent to this industry, emphasizing the need for robust cybersecurity measures. This finding not only underscores the vulnerability of the retail sector but also accentuates the financial repercussions of such breaches.

Retail 83

Retail Cybersecurity Financial Services Encryption 83

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Security 82

Security Data breaches Ransomware Artificial Intelligence 82

IT Governance

DECEMBER 11, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: more than 59 million data records. BianLian claims to have exfiltrated 5 TB of data, comprising millions of sensitive documents. Akumin Inc.

Data Privacy 101

Data Privacy Energy and Utilities Privacy Manufacturing 101

Security Affairs

OCTOBER 29, 2021

A ransomware attack hit Papua New Guinea ‘s finance ministry and disrupted government payments and operations. Government officials confirmed that Papua New Guinea’s finance ministry was hit by a ransomware attack that disrupted government payments and operations. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware 83

Ransomware Financial Services Government Data breaches 83

DLA Piper Privacy Matters

JULY 30, 2019

It’s summer, and life’s a breach. A data breach, that is. It’s your service provider’s breach, but it involves your (more likely, your customer’s) data. So put down the beach reading, for some breach reading. Who “owns” a data breach?

Data breaches 45

Data breaches Cybersecurity Financial Services Risk 45

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp. NYDFS also found that Carnival had failed to implement basic protocols to prevent data breaches.

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

IT Governance

NOVEMBER 13, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Records breached: 79,582 Ontario hospitals update: information relating to 5.6 Records breached: 1.3 million individuals McLaren Health Care notifies nearly 2.2

Data Privacy 85

Data Privacy Privacy Security Data breaches 85

IT Governance

MARCH 11, 2024

66,702,148 known records breached in 103 newly disclosed incidents Welcome to this week’s global round-up of the biggest and most interesting news stories. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: 6.9

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

Data Matters

JUNE 29, 2022

She focuses her practice on cybersecurity issues, including crisis management, data breach response, internal investigations, regulatory compliance, and complex litigation. She advises clients in several industries, including financial services, hospitality, manufacturing, telecommunications, and energy.

Cybersecurity 88

Cybersecurity Data breaches Privacy Compliance 88

Schneier on Security

JANUARY 31, 2024

The rules would ensure people can obtain their own financial data at no cost, control who it’s shared with and choose who they do business with in the financial industry. This would change the economics of consumer finance and the illicit data economy that exists today.

Financial Services 101

Financial Services Privacy Personal data Marketing 101

IT Governance

APRIL 29, 2024

5,255,944,117 known records breached in 128 newly disclosed incidents Welcome to this week’s global round-up of the biggest and most interesting news stories. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks.

Data Privacy 94

Data Privacy Privacy Manufacturing Security 94

Data Protection Report

JUNE 14, 2022

For example, organizations operating in the health, telecommunications or financial services industries may be required to keep a record of privacy incidents pursuant to an industry-specific statute or regulation. Organizations should also be aware of any sector-specific record-keeping obligations they may be subject to.

Privacy 52

Privacy Data breaches Compliance Financial Services 52

IT Governance

NOVEMBER 23, 2023

The public data set on the ICO (Information Commissioner’s Office) website shows that data security isn’t necessarily better for financial organisations. In fact, in 2020–2022, the financial sector was the second-most attacked sector, topped only by the retail and manufacturing sector. million (about £4.70

Risk 104

Risk Data breaches Authentication Financial Services 104

IBM Big Data Hub

DECEMBER 14, 2023

The stakes are especially high for organizations in highly regulated industries because they can be exploited through their digital supply chain, giving hackers access to consumers’ valuable and sensitive data. Consequently, these data breaches can rattle customer trust and the confidence of regulators. 

Cloud 92

Cloud Security Data breaches Cybersecurity 92

erwin

APRIL 11, 2019

In fact, organizations should expect increasing pressure on lawmakers to introduce new data protection regulations. A number of high-profile data breaches and scandals have increased public awareness of the issue. The Regulatory Rationale for Integrating Data Management & Data Governance. employees).

GDPR 100

GDPR e-Discovery Compliance Metadata 100

IT Governance

JANUARY 16, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data is no longer publicly available. Data breached: >223,000,000 records. Data breached: >7,000,000 records. Data breached: 5,500,000 records.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

eSecurity Planet

JANUARY 21, 2021

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. Third-party governance. Like other competitive GRC solutions, it speeds the process of aggregating and mining data, building reports, and managing files.

Compliance 57

Compliance Risk Government Retail 57

eSecurity Planet

AUGUST 9, 2022

GDPR, the EU’s flagship data privacy and “right to be forgotten” regulation, has made the stakes of a data breach higher than ever. See the Top Governance, Risk and Compliance (GRC) Tools. Thus, it can be difficult for even small enterprises to keep up with information security and data privacy compliance.

Data Privacy 142

Data Privacy Compliance Privacy Security 142

Security Affairs

APRIL 8, 2020

The drug testing firm Hammersmith Medicines Research LTD (HMR), which performs live trials of Coronavirus vaccines, discloses a data breach. ” reads the data breach notification published by the company. The research firm revealed that many of the government IDs exposed in the data breach have since expired.

Ransomware 102

Ransomware Data breaches Encryption Financial Services 102

DLA Piper Privacy Matters

FEBRUARY 28, 2022

Primary areas of focus for the DPC in 2021 included the safeguarding of children’s data protection rights, progressing ongoing large-scale inquires and prioritising responding to complaints which have raised issues of substance, with a data subject centric approach to resolution. Financial Services Sector Focus.

Financial Services 97

Financial Services Data breaches Personal data Compliance 97

Krebs on Security

JANUARY 25, 2022

Then in mid-January, Jim heard from MSF via snail mail that they’d discovered a data breach. MSF said the personal information involved in this incident may have included name, date of birth, government-issued identification numbers (e.g., 14, 2022 breach notification letter from tribal lender Mountain Summit Financial.

Financial Services 217

Financial Services IT Data breaches Authentication 217

IT Governance

JANUARY 23, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data set is a collection of 1 billion credentials sourced from stealer logs and hosted on the illicit.services website. Data breached: 70,840,771 email addresses.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

Thales Cloud Protection & Licensing

NOVEMBER 22, 2021

The full digitization of contracts, subscriptions and consumption of services. This drive towards digital transformation allowed financial services to be one of the sectors that better weathered the Covid 19 pandemic. Financial institutions find themselves in a difficult situation. The challenge.

Digital transformation 71

Digital transformation Financial Services Customer Experience Risk 71

Security Affairs

JUNE 20, 2023

Understanding Data Sovereignty Data sovereignty has emerged as a critical concern for businesses worldwide in today’s interconnected digital landscape. When data is sovereign, an organization retains control and ownership over that data. DDR in Cybersecurity Data sovereignty has a profound impact on cybersecurity.

Compliance 80

Compliance Cybersecurity Risk Encryption 80

eSecurity Planet

NOVEMBER 17, 2022

Unpatched vulnerabilities are at fault in anywhere from a third to more than half of all data breaches, depending on the study, so it’s natural to wonder why organizations don’t do a better job of patch management. How to build in that cyber resiliency was the focus of a number of talks at the conference. Patching Is Hard.

Cloud 115

Cloud Encryption Ransomware Cybersecurity 115

Data Protection Report

NOVEMBER 2, 2023

On November 1, 2023, the New York Department of Financial Services (NYDFS) finalized the second amendment to its cybersecurity regulations, which are available here. The rules contain the provisions we had described in the original NYDFS proposal a year ago (see our blog post here ), but include some changes.

Cybersecurity 105

Cybersecurity Compliance Financial Services Government 105

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk 147

Risk Financial Services Insurance Cybersecurity 147

Thales Cloud Protection & Licensing

APRIL 29, 2024

However, a relentless barrage of data breaches, ransomware attacks, and sophisticated cyber threats steadily erodes this trust. Payment Services Directive (PSD3) PSD3 is an updated version of PSD2 and provides rules on the efficiency and security of digital payments and financial services in the EU.

Compliance 71

Compliance Cybersecurity Risk Manufacturing 71

IT Governance

AUGUST 26, 2021

For example, financial services firms may be worried about employees breaching insider trading laws. Preventing data breaches. Monitoring software is therefore essential to ensure that data breaches are spotted promptly and to give your organisation the opportunity to respond.

Compliance 119

Compliance Data breaches Privacy Risk 119

Security Affairs

APRIL 6, 2023

A digital identification tool provided by OCR Labs to major banks and government agencies leaked sensitive credentials, putting clients at severe risk. Its services are used by companies and financial institutions including BMW, Vodafone, the Australian government, Westpac, ANZ, HSBC, and Virgin Money.

IT 85

IT Financial Services Access Risk 85

IT Governance

FEBRUARY 21, 2024

402,437,094 known records breached in 240 publicly disclosed incidents Welcome to this week’s global round-up of the biggest and most interesting news stories. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks.

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

Data Matters

JANUARY 2, 2018

This past year was marked by ever more significant data breaches, growing cybersecurity regulatory requirements at the state and federal levels and continued challenges in harmonizing international privacy and cybersecurity regulations. Data breach litigation risks. We expect each of these trends to continue in 2018.

Cybersecurity 68

Cybersecurity Privacy Data breaches GDPR 68

Data Protection Report

JANUARY 6, 2020

The New York State Department for Financial Services regulations require covered entities to have appropriate record retention policies and procedures and the CCPA provides an extra incentive to implement proper information governance to minimise the costs data access requests. In the U.S.,

Privacy 84

Privacy GDPR Data breaches Risk 84