Security Affairs

JANUARY 6, 2019

The Dark Overlord hacking group claims to have stolen a huge trove of documents from the British insurance company Hiscox, Hackers stole “hundreds of thousands of documents,” including tens of thousands files related to the 9/11 terrorist attacks. In October 2017, the group broke into the celeb London Bridge Plastic Surgery clinic.

Insurance 111

Insurance Data breaches Sales Government 111

Hunton Privacy

JANUARY 16, 2021

million civil monetary penalty imposed by the Department of Health and Human Services’ Office for Civil Rights (“OCR”) in 2017 against the University of Texas M.D. The United States Court of Appeals for the Fifth Circuit recently vacated a $4.3 Anderson Cancer Center (“MD Anderson”). OCR investigated and imposed the $4.3

Encryption 71

Encryption Privacy Insurance Security 71

Schneier on Security

FEBRUARY 28, 2024

In the first week of January, the pharmaceutical giant Merck quietly settled its years-long lawsuit over whether or not its property and casualty insurers would cover a $700 million claim filed after the devastating NotPetya cyberattack in 2017. The 9/11 attacks cost insurers and reinsurers $47 billion.

Insurance 89

Insurance Government Cybersecurity Risk 89

eSecurity Planet

DECEMBER 7, 2023

Encryption uses mathematical algorithms to transform and encode data so that only authorized parties can access it. What Encryption Is and How It Relates to Cryptology The science of cryptography studies codes, how to create them, and how to solve them. How Does Encryption Process Data? How Does Encryption Process Data?

Encryption 95

Encryption IT Passwords IoT 95

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

eSecurity Planet

FEBRUARY 11, 2022

The simplest example may be insurance. Life, health, auto, and other insurance are all designed to help a person protect against losses. Advanced Encryption. Though data encryption is helpful against outside breaches, it does little to protect against internal data theft. Enhancing Risk Management.

Risk 121

Risk Cybersecurity Encryption Access 121

Security Affairs

NOVEMBER 30, 2020

. “Sources told Action News, the cybercriminals gained control of the network on Saturday encrypting files, including police reports, payroll, purchasing, and other databases. “Sources said the county is in the process of paying the $500,000 ransom as it’s insured for such attacks.”

Computer and Electronics 104

Computer and Electronics Ransomware Insurance Encryption 104

Data Protection Report

AUGUST 29, 2017

A “breach of security” will now exclude unauthorized acquisition of encrypted data unless the acquisition includes, or is reasonably believed to include, the encryption key and the person who owns or licenses the data has a reasonable belief that the encryption key could render that personal information readable or useable.

Data breaches 40

Data breaches Insurance Encryption Passwords 40

Hunton Privacy

APRIL 27, 2017

Earlier this month, the New York State Department of Financial Services (“NYDFS”) recently published FAQs and key dates for its cybersecurity regulation (the “NYDFS Regulation”) for financial institutions that became effective on March 1, 2017. September 27, 2017 – the initial 30-day period for filing Notices of Exemption ends.

Cybersecurity 53

Cybersecurity Compliance Financial Services Insurance 53

Hunton Privacy

JULY 24, 2020

On Wednesday, July 22, the New York Department of Financial Services (the “NYDFS”) announced that it had filed administrative charges against First American Title Insurance Co. under the NYDFS Cybersecurity Regulation , marking the agency’s first enforcement action since the rules went into effect in March 2017. NYCRR 500.14(b):

Cybersecurity 85

Cybersecurity Risk Financial Services Insurance 85

Hunton Privacy

FEBRUARY 3, 2017

On February 1, 2017, the U.S. This is the third enforcement action taken by OCR in 2017, following the respective actions taken against MAPFRE Life Insurance of Puerto Rico and Presence Health earlier in January. Department of Health and Human Services’ Office for Civil Rights (“OCR”) announced a $3.2

Privacy 40

Privacy Security Insurance Encryption 40

eSecurity Planet

FEBRUARY 16, 2021

All of your files are encrypted with RSA-2048 and AES-128 ciphers.” ” Or you might see a readme.txt stating, “Your files have been replaced by these encrypted containers and aren’t accessible; you will lose your files on [enter date] unless you pay $2500 in Bitcoin.” IMPORTANT INFORMATION !!!

Ransomware 97

Ransomware Encryption Insurance Cloud 97

Hunton Privacy

JANUARY 25, 2017

On January 18, 2017, the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) entered into a resolution agreement with MAPFRE Life Insurance Company of Puerto Rico (“MAPFRE”) relating to a breach of protected health information (“PHI”) contained on a portable storage device.

Security awareness 40

Security awareness Insurance Risk Compliance 40

Hunton Privacy

JULY 23, 2015

A brief summary of the data security requirements for health insurers and state contractors is set forth below: Health Insurers. Encrypt personal information being transmitted or while stored on a portable device. On July 1, 2015, Connecticut’s governor signed into law Public Act No. State Contractors.

Insurance 49

Insurance Data breaches Encryption Authentication 49

HL Chronicle of Data Protection

FEBRUARY 25, 2020

The NYDFS Regulation originally came into effect on March 1, 2017, and provided for a two-year implementation plan for companies to develop a robust cybersecurity program. The Act has a particularly broad reach, impacting any company that owns or licenses private information of New York residents.

Cybersecurity 104

Cybersecurity Financial Services Data breaches Insurance 104

Data Protection Report

SEPTEMBER 11, 2017

In one example of a post-attack disclosure, FedEx’s most recent 10-K (May 2017) discusses the impact of the WannaCry and Petya attacks on FedEx systems and subsidiaries. Norton Rose Fulbright has been shortlisted for ‘Cyber law firm of the year’ at the Insurance Insider Cyber Ranking Awards 2017. Ransomware incident disclosures.

Risk 40

Risk Ransomware Insurance Data breaches 40

Data Matters

AUGUST 27, 2018

The NYDFS has been assisting Covered Entities with compliance questions through its frequently asked questions (“FAQs”) and answers on the NYDFS website, originally published on June 20, 2017 and updated most recently on August 9, 2018. They also became obligated to report cybersecurity events to the NYDFS.

Cybersecurity 60

Cybersecurity Compliance Encryption Risk 60

Info Source

DECEMBER 7, 2017

Westampton, NJ – December 7, 2017 – We are pleased to announce that Mavro Imaging is celebrating its ten-year anniversary. Built-in End-to-End Encryption. In just ten short years, Mavro’s flagship document imaging and data capture software, MavBridge™, has become a customer favorite in the industry. Intelligent Check Separation.

Insurance 40

Insurance Encryption Government IT 40

eSecurity Planet

SEPTEMBER 14, 2022

According to statistics from the FBI’s 2021 Internet Crime Report , complaints to the Internet Crime Complaint Center (IC3) have been rising since 2017. Finance and insurance finished a close second at 22.4%. Finance and insurance companies were particularly vulnerable to the sort of phishing scams we’re talking about.

Energy and Utilities 115

Energy and Utilities Phishing Blockchain Cybersecurity 115

IT Governance

OCTOBER 23, 2018

The data included bank account details, salary information, dates of birth, National Insurance numbers, addresses and phone numbers. The 2014 breach saw Andrew Skelton, a disgruntled senior internal auditor, upload the details of 99,998 staff to data sharing websites. The first data leak class action in the UK.

Personal data 58

Personal data Data breaches Risk Insurance 58

DLA Piper Privacy Matters

OCTOBER 20, 2017

On 18 October 2017, WP29 published proposed Guidelines on two key aspects of the GDPR – namely: Personal Data Breach Notification (Articles 33/34); and. Both proposed Guidelines are open for consultation until 28 November 2017. Profiling and Automated Decision Making (Article 22). Data Breach Notification.

Data breaches 40

Data breaches Personal data Encryption GDPR 40

Data Protection Report

JANUARY 7, 2019

Entities covered by the Regulation, which includes not only banks and insurers, but also other financial service institutions and licensees regulated by the DFS that utilize third-party service providers, will be required to implement third-party risk management programs by March 1. Third-party service provider risk management program.

Cybersecurity 40

Cybersecurity Compliance Financial Services Risk 40

eDiscovery Daily

APRIL 7, 2019

Janik begins his article by referencing the DLA Piper NotPetya ransomware attack in 2017, as follows: “Imagine it’s a usual Tuesday morning, and coffee in hand you stroll into your office. A recent American Bar Association report stated that 22% of law firms reported a cyberattack or data breach in 2017, up from 14% the year before.

Data breaches 57

Data breaches Cybersecurity e-Discovery Computer and Electronics 57

Hunton Privacy

JULY 11, 2017

On July 10, 2017, the Cyberspace Administration of China published a new draft of its Regulations on Protecting the Security of Key Information Infrastructure (the “Draft Regulations”), and invited comment from the general public. The Draft Regulations will remain open for comment through August 10, 2017. This post has been updated. .

Energy and Utilities 45

Energy and Utilities Security Cybersecurity Manufacturing 45

Hunton Privacy

MAY 16, 2017

On May 12, 2017, a massive ransomware attack began affecting tens of thousands of computer systems in over 100 countries. The ransomware, known as “WannaCry,” leverages a Windows vulnerability and encrypts files on infected systems and demands payment for their release.

Ransomware 61

Ransomware Insurance Access Information Security 61

ARMA International

AUGUST 2, 2019

with Equifax in connection with a 2017 data breach that exposed sensitive, personal data of around 147 million people. See FTC press release Equifax to Pay $575 Million as Part of Settlement with FTC, CFPB, and States Related to 2017 Data Breach , July 22, 2019.). Equifax agreed to pay between $575 million and $700 million in total.

Cloud 41

Cloud Data breaches Encryption Access 41

The Last Watchdog

AUGUST 1, 2019

That includes social security and social insurance numbers, bank account numbers, phone numbers, birth dates, email addresses and self-reported income; in short, just about everything on an identity thief’s wish list. In addition, sensitive data was not encrypted at rest, and no one was auditing access logs. This was the Perfect Storm.

Data Privacy 147

Data Privacy Privacy Data breaches Cloud 147

Krebs on Security

JANUARY 19, 2022

is perhaps better known as the online identity verification service that many states now use to help staunch the loss of billions of dollars in unemployment insurance and pandemic assistance stolen each year by identity thieves. We encrypt all that stuff down to the file level with keys that rotate and expire every 24 hours.

Access 363

Access Insurance Authentication Government 363

eSecurity Planet

APRIL 6, 2023

Ransomware is a type of malicious program, or malware, that encrypts files, documents and images on a computer or server so that users cannot access the data. These keys are available to the attacker, and the encryption can only be decrypted using a private key. How Does Ransomware Work?

Ransomware 88

Ransomware Encryption Cybersecurity Risk 88

HL Chronicle of Data Protection

MARCH 14, 2019

Specific information security measures. The proposed Rule is much more detailed in terms of security measures that FIs must implement.

Privacy 40

Privacy Risk Cybersecurity Information Security 40

Data Matters

MAY 9, 2019

The National Association of Insurance Commissioners (NAIC) held its Spring 2019 National Meeting (Spring Meeting) in Orlando, Florida, from April 6 to 9, 2019. ceding insurer could be eligible for the same reduced collateral requirements that would apply to qualifying EU reinsurers under the revised CFR Model Laws.

Insurance 68

Insurance Blockchain Big data Risk 68

IT Governance

FEBRUARY 5, 2018

Increased interest in cyber insurance. With more than 800 million records being leaked in 2017 ( find out more in our Breaches and Hacks Blog Archive ), it’s not surprising that cyber insurance business has increased in recent months. Insurers assess an organisation’s cyber risk to set premium levels.

Insurance 71

Insurance Risk Government Paper 71

IT Governance

DECEMBER 27, 2019

Victims of Equifax’s 2017 data breach were given the go-ahead to launch a class-action lawsuit. This meant they weren’t encrypted, making them freely accessible to as many as 20,000 employees, most of whom had no legitimate reason to access the information. million people – just under a third of the country’s population.

Data breaches 69

Data breaches GDPR Passwords Personal data 69

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

In the aftermath of the Cambridge Analytica scandal, and in the footsteps of Europe’s General Data Protection Regulation (“GDPR”), California privacy advocates introduced a ballot initiative on October 12, 2017 called “The Consumer Right to Privacy Act of 2018” (No. The ballot initiative largely mirrored what is now the language in the CCPA.

Privacy 58

Privacy Sales Compliance Cybersecurity 58

The Last Watchdog

AUGUST 15, 2019

A survey of local media reports by Recorded Future tallied 38 ransomware attacks against cities in 2017, rising to 53 attacks in 2018. insurance giant Beazley Worldwide reported that the average ransomware demand in 2018 was more than $116,000, a figure admittedly skewed by some very large demands. mayors attending the U.S.

Ransomware 156

Ransomware Access Cybersecurity Insurance 156

IT Governance

FEBRUARY 20, 2020

Ransomware is a specific type of malware that encrypts computer files, essentially locking the owner out of their systems. According to a report from the insurance broker Gallagher , 49% of local councils have been attacked since the start of 2017 and 37% were attacked in the first half of 2019 alone. What is ransomware?

Ransomware 95

Ransomware Phishing Retail Insurance 95

Adam Levin

MAY 19, 2021

Equifax, 2017: A data breach impacted almost 150 million Equifax customers, who subsequently reported identity-related crimes using that data. Many companies now offer insurance policies that can help you recoup lost money, and even help you through the reporting and recovery process.

Risk 87

Risk Data breaches Cybersecurity Insurance 87