Data Matters

JANUARY 14, 2019

On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. The Act is designed to “establish standards for data security and for the investigation and notification to the Superintendent of Insurance of a cybersecurity event.”.

Insurance 68

Insurance Security Cybersecurity Data breaches 68

Data Matters

SEPTEMBER 4, 2019

The National Association of Insurance Commissioners (NAIC) held its Summer 2019 National Meeting (Summer Meeting) in New York City from August 3 to 6, 2019. The amended regulation took effect on August 1, 2019, for annuity products and will become effective on February 1, 2020, for life insurance products.

Insurance 68

Insurance Paper Risk Analytics 68

John Battelle's Searchblog

JANUARY 25, 2019

My current work is split between two projects: One has to do with data governance, the other political media. And second… Governance. Government – well for sure, I’d wager that’s increased given who’s been running the country these past two years. But Governance? Data Governance. It’s Broke. Let’s Fix It.

Government 92

Government IT Marketing ROT 92

Security Affairs

MAY 9, 2020

Nigerian cyber gang SilverTerrier, specialized in BEC attacks, used COVID-19 lures in recent attacks on healthcare and government organizations. SilverTerrier has been active since at least 2014, it is a collective of over hundreds of individual threat actors. billion in global losses. “Over the past 90 days (Jan.

Government 65

Government Energy and Utilities Insurance Phishing 65

Hunton Privacy

JULY 1, 2022

Carnival”), the world’s largest cruise-ship operator, for violations of the Cybersecurity Regulation (23 NYCRR Part 500) in connection with four cybersecurity events between 2019 and 2021, including two ransomware events. . NYDFS also found that Carnival had failed to implement basic protocols to prevent data breaches.

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

IT Governance

MAY 30, 2019

The cyber security story for May 2019 is much the same as it was last month, with one mammoth breach raising the monthly total. which breached sixteen years’ worth of insurance data. UK government commits email privacy blunder (300). Hong Kong government dental clinic loses patients’ personal data (383).

Data breaches 112

Data breaches Personal data Ransomware Phishing 112

IT Governance

JUNE 27, 2019

June 2019’s total of 39,713,046 breached records is the lowest since May last year – the month that the GDPR (General Data Protection Regulation) came into effect. Edcouch, TX, government hit by ransomware attack (3,000). NY, government systems accessed by unauthorised party (unknown). Hackers stole $1.75 Ransomware.

Data breaches 111

Data breaches Personal data Ransomware GDPR 111

IT Governance

MARCH 20, 2024

Possible reasons for this trend change Reasons for organisations deprioritising security may include: Rising costs and economic uncertainty; Geopolitical tensions and uncertainty; and Fewer UK businesses identifying attacks or breaches, according to government data. % Specifically, a 13.4% drop for businesses (from 82% to 71%), and a 13.9%

Security 116

Security Data breaches Government Insurance 116

Krebs on Security

FEBRUARY 20, 2024

First surfacing in September 2019, the gang is estimated to have made hundreds of millions of U.S. The government says Russian national Artur Sungatov used LockBit ransomware against victims in manufacturing, logistics, insurance and other companies throughout the United States. Department of Justice (DOJ).

Ransomware 274

Ransomware Encryption Insurance Manufacturing 274

IT Governance

DECEMBER 27, 2019

A royal baby, a fire at Notre-Dame, the highest grossing film of all time and more than 12 billion breached data records: 2019 has been quite a year. IT Governance is closing out the year by rounding up 2019’s biggest information security stories. Part one covers January to June, and will be followed by part in the coming days.

Data breaches 69

Data breaches GDPR Passwords Personal data 69

IT Governance

NOVEMBER 6, 2023

When MOVEit was hacked by the Russian Cl0p ransomware gang in May, email addresses and links to government employee surveys were compromised. Compromised information included patients’ names, dates of birth, postal addresses, Social Security numbers, diagnosis and treatment information, and health insurance information.

Data Privacy 97

Data Privacy Privacy Libraries Security 97

IT Governance

OCTOBER 24, 2019

The insurance firm Hiscox found that 61% of organisations were compromised in the past 12 months. Consider that the 2019 SonicWall Cyber Threat Report identified a record-high 10.52 But while they focus on the negatives, Cisco’s 2019 Data Privacy Benchmark Study has looked at the ways the GDPR has been a success.

Data breaches 56

Data breaches GDPR Compliance Insurance 56

Data Protection Report

APRIL 30, 2024

As part of the order, the company agreed to post “clearly and conspicuously” on its websites and apps for the next two years: Between October 2019 and [date], we shared the personal of information of consumers visiting our website and apps with other companies without their permission. million consumers between October 2019 and March 2023.

Personal data 85

Personal data Privacy Information governance Compliance 85

eSecurity Planet

OCTOBER 18, 2021

The legal complaint [PDF] notes that on July 9, 2019, the day it was hit by a ransomware attack, Springhill Memorial Hospital contended that the event had “not affected patient care.” ” Cyber Insurance No Longer Reliable. Also read: Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs.

Ransomware 94

Ransomware Insurance Digital transformation Cybersecurity 94

Data Protection Report

SEPTEMBER 23, 2021

The matter involved one of France’s largest insurers, SGAM AG2R LA MONDIALE, which was subject to an inspection by the French data protection authority (the CNIL), in 2019. The CNIL’s inspection included the insurer’s compliance with Section 5-1(e) of GDPR , which reads: Personal data shall be. (e) Perhaps the CNIL’s €1.75

Personal data 110

Personal data Insurance GDPR Record destruction 110

IT Governance

AUGUST 6, 2019

Students and undergraduate applicants to Lancaster University had their personal details stolen in a pair of breaches that were disclosed on 22 July 2019. Your employees receive an average of 4.8 phishing emails every week. That’s why we’ve decided to review phishing attacks in practice. Hackers publish list of stolen Discord credentials.

Phishing 79

Phishing Personal data Passwords Access 79

IT Governance

FEBRUARY 26, 2019

I count this month’s total of leaked records to be 692,853,046, bringing 2019’s total to 2,462,038,109. Possibility of data breach with mySalam health insurance scheme, Perkasa claims. The post List of data breaches and cyber attacks in February 2019 – 692,853,046 records leaked appeared first on IT Governance Blog.

Data breaches 109

Data breaches Sales Phishing Ransomware 109

DLA Piper Privacy Matters

NOVEMBER 3, 2022

The news was swiftly followed up with an announcement from Medibank, Australia’s largest private health insurer, of a breach affecting all of its 3.9 As part of the Australian Government’s response to the public outcry generated by these breaches, a change to the Privacy Act 1988 (Cth) has been introduced into the Australian Parliament.

Privacy 97

Privacy Data breaches Insurance Government 97

IT Governance

JULY 6, 2020

million organisations fell victim to cyber crime in 2019. Beaming calculates that UK business lost almost £13 billion due to cyber crime in 2019, and when you factor in damaged assets, financial penalties and lost productivity, the total cost over the past five years is more than £87 billion. The benefits of certifying to the Standard.

Information Security 142

Information Security Phishing IoT Insurance 142

The Last Watchdog

APRIL 3, 2019

Identity governance and administration, or IGA , has suddenly become a front-burner matter at many enterprises. Related: Identity governance issues in the age of digital transformation. I had the chance at RSA 2019 to visit with Mike Kiser, global strategist at SailPoint , an Austin, TX-based supplier of IGA services to discuss this.

Digital transformation 140

Digital transformation Insurance Compliance Healthcare 140

Security Affairs

SEPTEMBER 1, 2020

“The adversary is particularly interested in exploits related to VPNs and network appliances , including CVE-2019-11510, CVE-2019-19781, and most recently CVE-2020-5902; reliance on exploits such as these lends to an opportunistic operational model.” ” continues the report. Pierluigi Paganini.

Access 90

Access Financial Services Retail Insurance 90

Everteam

APRIL 2, 2019

To support organizations in their efforts to manage their information properly, Spigraph is making two Everteam governance products available: everteam.discover and everteam.policy: everteam.discover is a file and content analytics solution that connects to both structured and unstructured data repositories across the organization.

Information governance 40

Information governance Marketing Government Digital transformation 40

IT Governance

MARCH 2, 2020

South Carolina-based United Health notifies patients of 2019 data breach (36). Puerto Rico government loses $2.6 Wake County, NC, learns that third party breached government employee info (1,900). The US Defence Information Systems Administration discloses 2019 cyber attack (unknown). Cyber attacks. Ransomware.

Data breaches 145

Data breaches Ransomware Phishing Personal data 145

Data Matters

AUGUST 30, 2021

2 The SEC’s Pearson Order follows its June 2021 announcement that it had settled charges against First American Title Insurance Company (First American) for cybersecurity disclosure control failures. The Order alleges that Pearson continued to use the server until July 2019 — the time the server was previously scheduled to be retired.

Cybersecurity 97

Cybersecurity Risk Data Privacy Passwords 97

Data Matters

SEPTEMBER 7, 2022

The National Association of Insurance Commissioners (NAIC) held its Summer 2022 National Meeting (Summer Meeting) August 9–13, 2022. The Privacy Working Group has been reviewing state insurance privacy protections regarding the collection, ownership, use, and disclosure of information gathered in connection with insurance transactions.

Insurance 78

Insurance Paper Privacy Risk 78

Data Matters

DECEMBER 11, 2018

The National Association of Insurance Commissioners (NAIC) held its Fall 2018 National Meeting (Fall Meeting) in San Francisco, California, from November 15 to 18, 2018. NAIC Continues its Evaluation of Insurers’ Use of Big Data. This post summarizes the highlights from this meeting. groups with non-U.S.

Insurance 68

Insurance Paper Risk Big data 68

IT Governance

NOVEMBER 20, 2023

Date of breach: 26 October 2023 Breached organisation: Homeland, Inc., a property management company in Kentucky Incident details: The ransomware group Hunters International has added Homeland, Inc. to its leak site. For more information about the SEC cyber security disclosure rules, register for our free webinar on 30 November.)

Data Privacy 52

Data Privacy Privacy Data breaches Security 52

IT Governance

JANUARY 9, 2024

million people was compromised, including names, addresses, dates of birth, Social Security numbers, taxpayer identification numbers, medical information, health insurance information, and billing and claims information. HealthEC LLC breached, almost 4.5 Information relating to nearly 4.5 Source (New) Legal USA Yes 310,297 Bit24.cash

Data Privacy 75

Data Privacy Privacy Manufacturing Data breaches 75

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

Data Matters

JUNE 24, 2021

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. SEC Statement and Guidance on Public Company Cybersecurity Disclosures.

Cybersecurity 68

Cybersecurity Financial Services Risk Compliance 68

Data Matters

SEPTEMBER 3, 2020

The National Association of Insurance Commissioners (NAIC) held its Summer 2020 National Meeting (Summer Meeting) from July 27 to August 14, 2020. NAIC Considers Comments to the Group Capital Calculation Template and Instructions and Related Revisions to the Insurance Holding Company Act . GCC Template and Instructions.

Insurance 68

Insurance Paper Artificial Intelligence Big data 68

Data Protection Report

APRIL 7, 2022

CafePress included in its email responses to consumers’ commonly asked questions, “CafePress.com also pledges to use the best and most accepted methods and technologies to insure [sic] your personal information is safe and secure.” The company fixed the vulnerability but did not notify affected individuals until September of 2019.

Privacy 113

Privacy Compliance Insurance Data collection 113

Security Affairs

JUNE 20, 2019

On Monday, city officials participating to a rapid meeting unanimously voted to use the city’s insurance to pay a ransom of 65 bitcoins (~$603,000). “The payment is being covered by insurance.” ” reported the Associated Press. ” continues the AP. million to hackers — about $2,400 per attack.

Insurance 87

Insurance Ransomware Encryption Government 87

IT Governance

MAY 2, 2019

A third of businesses and a fifth of charities were hit by a cyber attack or data breach in the past year, the UK government’s Cyber Security Breaches Survey 2019 has found. More medium-sized (31% vs 19%) and large businesses (35% vs 24%) have invested in cyber insurance.

Data breaches 69

Data breaches GDPR IT Compliance 69

ARMA International

JANUARY 30, 2020

State and federal governments already have criminal DNA databases, but calls for mandatory, national databases were resisted. December 23, 2019. [2] December 20, 2019. [3] December 24, 2019. [4]. December 27, 2019. [5] As quoted in the Military Times article [3] , citing security risks, Cmdr. 3] Snow, Shawn.

Military 106

Military Privacy Risk Insurance 106

Security Affairs

FEBRUARY 4, 2020

“MIS worked over the weekend with the city’s cybersecurity insurer “to develop a detailed plan to restore and recover systems without spreading the ransomware,” according to a statement from Powell. “We The city of Racine, Wisconsin, was hit with a ransomware, the incident took place on January 31, 2020.

Ransomware 72

Ransomware Government Insurance Cybersecurity 72

Info Source

MAY 20, 2019

May 20, 2019 – ABBYY , a global leader in Content IQ technologies and solutions, today announced it has signed an agreement to acquire Philadelphia, Pennsylvania-based TimelinePI. The transaction is expected to close by end of second quarter 2019. MILPITAS, Calif.,

Mining 40

Mining Digital transformation Analytics IT 40