Hunton Privacy

NOVEMBER 13, 2023

DMS did not detect the attack until after the ransomware was used to encrypt its files in December 2018. DMS is a HIPAA business associate (“BA”) that provides payer credentialing and medical billing services to HIPAA Covered Entities (“CEs”).

Ransomware 72

Ransomware Risk Insurance Encryption 72

Data Matters

AUGUST 27, 2018

Companies subject to New York’s Cybersecurity Regulation are acting quickly to finalize their compliance obligations as the fifth “due date,” September 4, 2018, quickly approaches. Looking ahead, Covered Entities will be required to meet one final compliance deadline for the NYDFS on March 1, 2019.

Cybersecurity 60

Cybersecurity Compliance Encryption Risk 60

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

eSecurity Planet

DECEMBER 7, 2023

Encryption uses mathematical algorithms to transform and encode data so that only authorized parties can access it. What Encryption Is and How It Relates to Cryptology The science of cryptography studies codes, how to create them, and how to solve them. How Does Encryption Process Data? How Does Encryption Process Data?

Encryption 111

Encryption IT Passwords IoT 111

Security Affairs

JANUARY 6, 2019

The Dark Overlord hacking group claims to have stolen a huge trove of documents from the British insurance company Hiscox, Hackers stole “hundreds of thousands of documents,” including tens of thousands files related to the 9/11 terrorist attacks. “ There’s five layers to go. Layer 1, 2, 3, 4, and fine finally Layer 5.

Insurance 111

Insurance Data breaches Sales Government 111

eSecurity Planet

AUGUST 9, 2022

And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. M]uch of InfoSec management falls back on employee training and avoiding employee error – particularly with respect to phishing , spear phishing, and encryption lapses.”.

Data Privacy 145

Data Privacy Compliance Privacy Security 145

IBM Big Data Hub

APRIL 24, 2024

The app heavily encrypts all user financial data. Deploying privacy protections: The app uses encryption to protect data from cybercriminals and other prying eyes. The UK Data Protection Act 2018 The Data Protection Act 2018 is, essentially, the UK’s version of the GDPR.

Data Privacy 83

Data Privacy Privacy GDPR Personal data 83

Hunton Privacy

JANUARY 16, 2021

The Court held that OCR’s civil monetary penalty for alleged violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy Rule and HIPAA Security Rule was “arbitrary, capricious, and otherwise unlawful.”. The United States Court of Appeals for the Fifth Circuit recently vacated a $4.3

Encryption 71

Encryption Privacy Insurance Security 71

Data Matters

FEBRUARY 6, 2019

On December 3, 2018, twelve attorneys general (“AGs”) jointly filed a data breach lawsuit against Medical Informatics Engineering and its subsidiary, NoMoreClipboard LLC (collectively “the Company”), an electronic health records company, in federal district court in Indiana. 3, 2018). See Indiana v. Informatics Eng’g, Inc. ,

Data breaches 83

Data breaches Computer and Electronics Security Insurance 83

Thales Cloud Protection & Licensing

DECEMBER 22, 2020

New EU restrictions could force companies to change data transfer practices and adopt more advanced data encryption methods. The most sweeping and aggressive regulation, the European Union’s General Data Protection Regulation (GDPR), went into full force in May 2018. Tue, 12/22/2020 - 10:08. In the Dec. In the Dec.

Data Privacy 118

Data Privacy Privacy Security Encryption 118

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

Security Affairs

JUNE 20, 2019

. “The Riviera Beach City Council voted unanimously this week to pay the hackers’ demands, believing the Palm Beach suburb had no choice if it wanted to retrieve its records, which the hackers encrypted.” “The payment is being covered by insurance.” ” reported the Associated Press.

Insurance 89

Insurance Ransomware Encryption Government 89

eSecurity Planet

FEBRUARY 16, 2021

All of your files are encrypted with RSA-2048 and AES-128 ciphers.” ” Or you might see a readme.txt stating, “Your files have been replaced by these encrypted containers and aren’t accessible; you will lose your files on [enter date] unless you pay $2500 in Bitcoin.” IMPORTANT INFORMATION !!!

Ransomware 97

Ransomware Encryption Insurance Cloud 97

Hunton Privacy

APRIL 3, 2018

On March 28, 2018, Alabama became the final state in the U.S. The Alabama Data Breach Notification Act of 2018 (S.B. 318) (“the Law”) goes into effect on May 1, 2018. Key Provisions of the Alabama Data Breach Notification Act of 2018: The law applies to “covered entities” and their “third-party agents.”

Data breaches 72

Data breaches Encryption Insurance Risk 72

Hunton Privacy

FEBRUARY 5, 2018

On February 1, 2018, the Department of Health and Human Services’ Office for Civil Rights (“OCR”) announced a settlement with dialysis clinic operator, Fresenius Medical Care (“Fresenius”). Fresenius will pay OCR $3.5

Insurance 48

Insurance Risk Encryption Access 48

Hunton Privacy

JULY 24, 2020

On Wednesday, July 22, the New York Department of Financial Services (the “NYDFS”) announced that it had filed administrative charges against First American Title Insurance Co. under the NYDFS Cybersecurity Regulation , marking the agency’s first enforcement action since the rules went into effect in March 2017. NYCRR 500.14(b):

Cybersecurity 85

Cybersecurity Risk Financial Services Insurance 85

Data Protection Report

AUGUST 29, 2017

Earlier this month, Delaware revamped its data breach notification law, with changes to go into effect April 14, 2018. Norton Rose Fulbright has been shortlisted for ‘Cyber law firm of the year’ at the Insurance Insider Cyber Ranking Awards 2017.

Data breaches 40

Data breaches Insurance Encryption Passwords 40

Krebs on Security

AUGUST 17, 2018

In July 2018, KrebsOnSecurity broke the news of two separate cyber break-ins at tiny National Bank of Blacksburg in Virginia in a span of just eight months that led to ATM cashouts netting thieves more than $2.4 The Blacksburg bank is now suing its insurance provider for refusing to fully cover the loss.

Data breaches 185

Data breaches Access Insurance Phishing 185

Hunton Privacy

APRIL 27, 2017

February 15, 2018 – covered entities are required to submit the first certification under the NYDFS Regulation on or prior to this date. March 1, 2018 – the one year transitional period ends. September 3, 2018 – the eighteen month transitional period ends. March 1, 2019 – the two year transitional period ends.

Cybersecurity 53

Cybersecurity Compliance Financial Services Insurance 53

Hunton Privacy

JUNE 17, 2019

Arizona and 15 other states (the “Multistate AGs”) filed the suit in December 2018, asserting claims under the federal Health Insurance Portability and Accountability (“HIPAA”) as well as various applicable state data protection laws. failed to encrypt the sensitive ePHI. failed to encrypt the sensitive ePHI.

Data breaches 58

Data breaches IT Insurance Privacy 58

DLA Piper Privacy Matters

MAY 5, 2020

Heeding the call, the European Commission issued some communications, such as the communication on “Europe on the Move” (COM(2018) 293 final), to guarantee a smooth transition towards a European mobility system which is safe, clean, connected and automated. Risks identified by the European Data Protection Board.

Privacy 69

Privacy Personal data GDPR Insurance 69

IT Governance

NOVEMBER 20, 2023

Records breached: Unknown ALPHV/BlackCat attacks MeridianLink then reports it to the SEC Date of breach: 7 November Breached organisation: MeridianLink Incident details: The ALPHV/BlackCat ransomware group has added the software company MeridianLink to its leak site, having exfiltrated data without encrypting company systems.

Data Privacy 52

Data Privacy Privacy Data breaches Security 52

Data Protection Report

JANUARY 7, 2019

Entities covered by the Regulation, which includes not only banks and insurers, but also other financial service institutions and licensees regulated by the DFS that utilize third-party service providers, will be required to implement third-party risk management programs by March 1. Upcoming certifications. Additional guidance.

Cybersecurity 40

Cybersecurity Compliance Financial Services Risk 40

Information Management Resources

MARCH 15, 2019

The effects of a September 2018 ransomware attack are still reverberating for Wolverine Solutions Group, which serves both health insurers and provider organizations.

Data breaches 28

Data breaches Insurance Ransomware Encryption 28

Thales Cloud Protection & Licensing

FEBRUARY 15, 2018

Other cases include health information being stolen and sold to life insurance companies, home breakings being timed for when people are not home based on hacked thermostat information and much more. For example, are they encrypting their data? It took effort to force change, and it’s clear it simply would not have happened on its own.

IoT 89

IoT Encryption Military Insurance 89

Data Protection Report

JANUARY 29, 2018

On Tuesday, January 23, 2018, the South Dakota State Senate Judiciary Committee passed a bill that would require companies to inform consumers of any “unauthorized acquisition” of personal data, unless the company and the State Attorney General’s Office determine that the breach is unlikely to harm those affected. South Dakota.

Data breaches 40

Data breaches Insurance Personal data Encryption 40

Data Matters

OCTOBER 8, 2020

Ransomware attacks use malware, often injected through phishing schemes, to encrypt a victim’s data files or programs, followed by a ransom demand by the threat actor that offers the decryption key in exchange for payment. November 2018: two Iranian creators of SamSam ransomware. sanctions law violations if U.S. Since 2015, the U.S.

Ransomware 68

Ransomware Compliance Risk Government 68

OneHub

NOVEMBER 8, 2019

Insurance documents. In 2018, more than 6,500 data breaches were reported. Messages can even be encrypted as an additional security measure. All stored data is encrypted at rest and in transit, and only those with proper credentials can access each file. Legal documents. Accounting records. Permits and licenses.

Security 65

Security Data breaches Cloud Encryption 65

Hunton Privacy

JANUARY 26, 2018

On January 25, 2018, the Standardization Administration of China published the full text of the Information Security Technology – Personal Information Security Specification (the “Specification”). The Specification will come into effect on May 1, 2018.

Information Security 48

Information Security Security Privacy Personal data 48

Security Affairs

JUNE 5, 2020

Some of the call recordings take place in early- to mid-2018. Of the recordings we analyzed, most of them seem to have taken place in early- to mid-2018. However, one proof of income document was submitted on January 21, 2020. The recordings were apparently made for quality control, but they are not censored.

Access 74

Access Security Marketing Insurance 74

eDiscovery Daily

APRIL 7, 2019

Finding this odd, you turn to your firm receptionist who tells you that the firm was hit with a ransomware attack overnight, and that if you turn on your computer all of your files will be immediately encrypted, subject to a bitcoin ransom.”. An article written by Anton Janik, Jr.

Data breaches 57

Data breaches Cybersecurity e-Discovery Computer and Electronics 57

IT Governance

JUNE 1, 2023

MCNA Insurance MCNA Insurance, also known as MCNA Dental, was caught up in a cyber hacking incident last week, in which 112 covered entities were affected. MCNA Insurance later confirmed that 8,923,662 people were affected in the incident and said the breach was a result of a ransomware attack.

Data breaches 122

Data breaches Insurance Personal data Ransomware 122

Thales Cloud Protection & Licensing

APRIL 5, 2018

Key Findings from the 2018 Global Encryption Trends Study. No core technologies are more fundamental to data protection than encryption and key management. We’ve just released the results from our Global Encryption Trends Study which once again show positive growth in the use of encryption across a wide variety of use cases.

Encryption 48

Encryption Cloud IoT e-Discovery 48

ARMA International

AUGUST 2, 2019

According to its annual report , Equifax’s 2018 revenue was over $3 billion.) Though Capital One reports that it encrypts its data as a standard practice, the data was de-encrypted during the breach. The company also reports using tokenization for certain fields (e.g.,

Cloud 41

Cloud Data breaches Encryption Access 41

Data Matters

MAY 9, 2019

The National Association of Insurance Commissioners (NAIC) held its Spring 2019 National Meeting (Spring Meeting) in Orlando, Florida, from April 6 to 9, 2019. The vote to adopt the prior versions of the proposed amendments to the CFR Model Laws was delayed in December 2018 after the U.S.

Insurance 68

Insurance Blockchain Big data Risk 68

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

In the aftermath of the Cambridge Analytica scandal, and in the footsteps of Europe’s General Data Protection Regulation (“GDPR”), California privacy advocates introduced a ballot initiative on October 12, 2017 called “The Consumer Right to Privacy Act of 2018” (No. The ballot initiative largely mirrored what is now the language in the CCPA.

Privacy 58

Privacy Sales Compliance Cybersecurity 58

HL Chronicle of Data Protection

OCTOBER 21, 2019

Regulators, industry experts, and researchers provided insight into health privacy and security enforcement trends, emerging threats, and new tools at a recent conference focused on the Health Insurance Portability and Accountability (HIPAA) regulatory framework. million settlement in 2018.

Risk 40

Risk Compliance Privacy Phishing 40