IT Governance

NOVEMBER 28, 2023

The post The Week in Cyber Security and Data Privacy: 20 – 26 November 2023 appeared first on IT Governance UK Blog. In the meantime, if you missed it, check out last week’s round-up. Please do also let us know what you think about our new table format.

Data Privacy 52

Data Privacy Privacy Energy and Utilities Data breaches 52

Hunton Privacy

JUNE 22, 2020

heath records or records of a wellness program or similar program of health promotion or disease prevention, a health care professional’s medical diagnosis or treatment of the consumer or a health insurance policy number. Student Data Privacy. Read Vermont’s explanation of the amendments.

Data breaches 107

Data breaches Privacy Education Data Privacy 107

The Last Watchdog

OCTOBER 5, 2023

Byron: Companies often underestimate threats, neglect basic cyber hygiene, and fail to educate employees on cybersecurity. Erin: Do you think cyber insurance should play a bigger role in companies’ cybersecurity strategies? What factors should organizations consider when selecting a cyber insurance policy?

Cybersecurity 203

Cybersecurity Privacy Cloud IoT 203

Information Governance Perspectives

MAY 10, 2020

In May of 2020 I was honored to speak at the MERv conference with John Frost of Box on the topic of Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance. Rafael Moscatel, CIPM, CRM, IGP, is the Managing Director of Compliance and Privacy Partners.

Compliance 52

Compliance Information governance Privacy Data Privacy 52

Schneier on Security

JANUARY 29, 2020

To comply with California's new data privacy law, companies that collect information on consumers and users are forced to be more transparent about it. Sometimes the results are creepy. It says Ralphs may pry into "financial and payment information like your bank account, credit and debit card numbers, and your credit history.".

Insurance 125

Insurance Data Privacy Education Privacy 125

Hunton Privacy

MAY 10, 2022

On May 10, 2022, Connecticut Governor Ned Lamont signed An Act Concerning Personal Data Privacy and Online Monitoring , after the law was previously passed by the Connecticut General Assembly in April. Connecticut is now the fifth state to enact a consumer privacy law.

Privacy 118

Privacy Personal data Sales B2B 118

IT Governance

MAY 7, 2024

A further 381,000 New York City public school students affected by 2022 data breach In January 2022 , personal data from around 820,000 New York City public school students, both current and former, was breached. Data breached: 1,201,000 people’s data. Organisation(s) Sector Location Data breached? Young, Inc.

Data breaches 59

Data breaches Education Manufacturing Retail 59

Data Matters

MARCH 28, 2022

Department of Health and Human Service’s Office for Civil Rights (“OCR”) issued industry guidance for Health Insurance Portability and Accountability Act (“HIPAA”) regulated entities to take preventative steps to protect against some of the more common, and often successful, cyber-attack techniques. On March 17, 2022, the U.S.

Cybersecurity 88

Cybersecurity Privacy Insurance Risk 88

Data Matters

AUGUST 9, 2021

In recent weeks, Connecticut passed An Act Concerning Data Privacy Breaches (“The Act”), and the Uniform Law Commission approved and recommended the Uniform Personal Data Protection Act (“UPDPA”). Connecticut: An Act Concerning Data Privacy Breaches.

Data breaches 88

Data breaches Privacy Personal data Data Privacy 88

eDiscovery Daily

FEBRUARY 11, 2019

The companies audited were from industries ranging from online retail to sports to banking & insurance to media, even automotive & electronics and home and residential. The post In Today’s Privacy Environment, That’s the Way the (Website) Cookie Crumbles: Data Privacy Trends appeared first on CloudNine.

Privacy 46

Privacy Data Privacy GDPR Compliance 46

IT Governance

JUNE 1, 2022

State Bar of Georgia investigating cyber attack (unknown) US Department of Defense tricked into paying $23.5 If you’re facing a cyber security disaster, IT Governance is here to help. Our Cyber Incident Response service provides the help you need to deal with the threat, as our experts guide you through the recovery process.

Data breaches 126

Data breaches Ransomware Phishing Education 126

Data Protection Report

JANUARY 4, 2024

The Texas Data Privacy and Security Act (HB4) can be found here: [link] See our summary here: [link] 10.b The Consumer Data Privacy Act (SB 384), which goes into effect on October 1, 2024 (see § 14), can be found here: [link]. Tie-breaker/bonus question: a. Delaware and Iowa

Privacy 110

Privacy Cybersecurity Artificial Intelligence e-Discovery 110

IT Governance

SEPTEMBER 1, 2021

Data breaches. Travel and medical insurance provider guard.me Travel and medical insurance provider guard.me Travel and medical insurance provider guard.me Cyber attacks. Ransomware. Financial information. Malicious insiders and miscellaneous incidents. In other news…. Cyber attacks.

Data breaches 140

Data breaches Ransomware Insurance Data migration 140

IBM Big Data Hub

JULY 7, 2023

Data protection and data privacy Data protection , defined as protecting important information from corruption, damage or loss, is critical because data breaches resulting from cyberattacks can include personally identifiable information (PII), health information, financial information, intellectual property and other personal data.

Security 40

Security Data breaches Data Privacy Compliance 40

IT Governance

MARCH 11, 2024

Source (New) Finance USA Yes 3,494 Woodruff Sawyer Source (New) Insurance USA Yes 3,087 Blackburn College Source (New) Education USA Yes 3,039 CAIRE Inc. Source (New) Professional services Netherlands Yes 28.3 Source (New) Professional services Netherlands Yes 28.3

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

IT Governance

JANUARY 3, 2024

TB exfiltrated Comcast Cable Communications, LLC (Xfinity) Source 1 ; source 2 (New) Telecoms USA Yes 35,879,455 Tecnoquadri Srl Source (New) Manufacturing Italy Yes 33,000,000 Asia Insurance Co.

Data Privacy 107

Data Privacy Insurance Manufacturing Retail 107

IT Governance

MARCH 5, 2024

Known data breached Pure Incubation Ventures Source (New) Professional services USA Yes 183,754,481 EasyPark Source 1 ; source 2 ; source 3 (Update) Software Sweden Yes 21,100,000 Cutout.Pro Source (New) Software Hong Kong Yes 19,972,829 Optum Source 1 ; source 2 (New) Healthcare USA Yes 6 TB Kumagai Gumi Group Co.,

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

APRIL 22, 2024

Mobile Guardian app hacked, compromising Singaporean parent and teacher data The names and email addresses of parents and teachers from 5 primary and 122 secondary schools in Singapore have been compromised after a mobile app was hacked.

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

Collibra

DECEMBER 16, 2020

Likewise, healthcare organizations operate in a highly regulated industry, which often has standards or regulations around data privacy and data security. Risk mitigation – data privacy compliance, personal information (PI) data discovery, policy enforcement, vendor risk management.

Government 59

Government Data Privacy Privacy Communications 59

Security Affairs

JULY 18, 2019

Small business owners are less likely to have taken adequate measures to protect their digital systems and are consequently at an even higher risk of sustaining a data breach or a ransomware attack than a major corporation. states are left on their own to fine companies which don’t take cybersecurity or client privacy seriously.

Cybersecurity 62

Cybersecurity Education Government Risk 62

IT Governance

JANUARY 23, 2024

Source (New) Real estate USA Yes 46,906 Hampton-Newport News Community Services Board Source 1 ; source 2 ; source 3 (New) Healthcare USA Yes 44,312 Air Methods Source 1 ; source 2 (New) Healthcare USA Yes 34,016 GREYHOURS Source (New) Retail France Yes 18,700 Groveport Madison Schools Source 1 ; source 2 ; source 3 (Update) Education USA Yes 15.5

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

APRIL 9, 2024

million patients’ data via unsecured database According to DataBreaches.net, EyeCare Services Partners – a group of eye care providers based in Dallas, Texas – left 50 TB of data exposed via an unsecured blob. Other databases contained health insurance data, such as patents’ names, dates of birth, addresses and medical data.

Data Privacy 52

Data Privacy Privacy Security Manufacturing 52

IT Governance

DECEMBER 5, 2023

Source (New) Education USA Yes 3,022 Lakeview Healthcare System, LLC Source 1 ; source 2 (New) Healthcare USA Yes 2,495 The Hershey Company Source (New) Manufacturing USA Yes 2,214 Park Bank Source (New) Finance USA Yes 2,081 The Walker School, Inc. Source (New) Education USA Yes 1,493 Kimber Mfg.,

Data Privacy 106

Data Privacy Privacy Manufacturing Retail 106

ForAllSecure

MAY 17, 2023

Chris Gray of Deep Watch talks about the view from the inside of a virtual SOC, the ability to see threats against a large number of SMB organizations, and the changes to cyber insurance we’re seeing as a result. VAMOSI: Cybersecurity insurance. cyber insurance as a whole was changing heavily. And why is that?

Insurance 40

Insurance Privacy Ransomware GDPR 40

IT Governance

DECEMBER 11, 2023

Source (New) Transport USA Yes 129,611 Tcman Source (New) Manufacturing Spain Yes 108 GB (179 files) Compass Group Italia Source (New) Hospitality Italy Yes 107 GB Pan-American Life Insurance Group, Inc. Incorporated Source (Update) Insurance USA Yes 7,361 Advantis Global, Inc. and Robert W. Baird & Co.

Data Privacy 101

Data Privacy Energy and Utilities Privacy Manufacturing 101

Data Matters

SEPTEMBER 24, 2019

The GDPR was designed to harmonize data protection laws across Europe and to protect EU residents’ data privacy rights; and, its coming triggered significant privacy and data protection compliance activities amongst organizations doing business in the EU and working with the personal data of EU residents.

Personal data 68

Personal data GDPR Data Privacy Privacy 68

IT Governance

FEBRUARY 27, 2024

The breached data may include names, Social Security numbers and health insurance information. Data breached: 4,662,668 individuals’ data. 2,350,236 individuals’ health data compromised in American Vision Partners breach Medical Management Resource Group, L.L.C. Data breached: 2,350,236 individuals’ data.

Data Privacy 52

Data Privacy Manufacturing Privacy Data breaches 52

IT Governance

FEBRUARY 6, 2024

Source 1 ; source 2 (New) Professional services USA Yes 11,556 Poder Judicial de Santa Cruz Source (New) Legal Argentina Yes 8,732 J.D.

Data Privacy 88

Data Privacy Privacy Insurance Security 88

IT Governance

JANUARY 16, 2024

GB Rebekah Children’s Services Source (New) Non-profit USA Yes 2,805 Butte School District Source 1 ; source 2 (Update) Education USA Yes 2,658 Dignity Health Nevada St. GB Rebekah Children’s Services Source (New) Non-profit USA Yes 2,805 Butte School District Source 1 ; source 2 (Update) Education USA Yes 2,658 Dignity Health Nevada St.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

JANUARY 30, 2024

Source (New) Retail USA Yes 2,588,849 Keenan & Associates Source 1 ; source 2 (Update) Insurance USA Yes 1,509,616 AGC Group Source (New) Manufacturing Japan Yes 1.5 TB Four Hands Source (New) Manufacturing USA Yes 1.5 TB UK forex customers Source (New) Finance UK Yes 1,001,214 A.N.S. Source (New) Non-profit USA Yes 25,908.62

Data Privacy 52

Data Privacy Retail Privacy Manufacturing 52

eSecurity Planet

JANUARY 21, 2021

Data privacy regulations like the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) can be hard to navigate for businesses of any size, but GRC tools can simplify and streamline compliance with all of the requirements. Insurance & claims management. Back to top.

Compliance 67

Compliance Risk Government Retail 67

IT Governance

JANUARY 30, 2019

Data protection under the GDPR looks like this: there are data subjects (that’s individuals like you and me), and we own our own personal data. Vital interests : for example, when processing data will protect someone’s physical integrity or life (either the data subject’s or someone else’s).

GDPR 86

GDPR Compliance Personal data Data breaches 86

eSecurity Planet

JANUARY 21, 2021

Data privacy regulations like the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) can be hard to navigate for businesses of any size, but GRC tools can simplify and streamline compliance with all of the requirements. Insurance & claims management. Back to top.

Compliance 57

Compliance Risk Government Retail 57

eDiscovery Daily

DECEMBER 3, 2017

Accountability: data subjects should have a method available to them to hold data collectors accountable for not following the above principles. The OECD Guidelines, however, were non-binding, and data privacy laws still varied widely across Europe. Discuss steps to take to insure compliance with the GDPR.

GDPR 44

GDPR IT Personal data Privacy 44

Collibra

NOVEMBER 2, 2020

Education information not considered publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act. Collibra Data Privacy enables organizations to: Identify data that may be considered personal information under the CCPA.

Privacy 59

Privacy Education Insurance GDPR 59

IT Governance

APRIL 29, 2024

Known data breached Discord (via Spy.pet) Source (New) IT services USA Yes 4,186,879,104 Baidu, Inc., Source (New) Finance USA Yes 1,955,385 BerryDunn and Reliable Networks Source (New) Finance and IT services USA Yes 1,107,354 VISAV Limited Source (New) IT services UK Yes >1,000,000 Designed Receivable Solutions, Inc.

Data Privacy 94

Data Privacy Privacy Manufacturing Security 94

Information Governance Perspectives

JULY 23, 2020

And I think in predicting who’s going to dominate this growing market, again, we have to go back to the issue of cybersecurity, confidentiality and data privacy, don’t we? Organizations, courts of law, law firms, and attorneys like yourself are going to want to select tools to protect you and your clients from breaches.

Cybersecurity 52

Cybersecurity Passwords Risk IT 52