Adam Levin

JUNE 25, 2018

South Carolina became the first state to pass a law requiring all insurance entities to create and maintain a cybersecurity and data breach response program. . The law itself was drafted by the National Association of Insurance Commissioners’ Cybersecurity Working Group, and was adapted from a similar proposal in New York.

Insurance 40

Insurance Cybersecurity Data breaches Government 40

Data Matters

SEPTEMBER 4, 2019

The National Association of Insurance Commissioners (NAIC) held its Summer 2019 National Meeting (Summer Meeting) in New York City from August 3 to 6, 2019. The amended regulation took effect on August 1, 2019, for annuity products and will become effective on February 1, 2020, for life insurance products.

Insurance 68

Insurance Paper Risk Analytics 68

Data Matters

JANUARY 14, 2019

On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. The Act is designed to “establish standards for data security and for the investigation and notification to the Superintendent of Insurance of a cybersecurity event.”.

Insurance 68

Insurance Security Cybersecurity Data breaches 68

Data Matters

JULY 30, 2018

In October 2017, the National Association of Insurance Commissioners (NAIC) adopted an Insurance Data Security Model Law. On May 3, 2018, South Carolina became the first state to enact this Model Law, in the form of the South Carolina Insurance Data Security Act (H.B. See CT Gen Stat § 38a-999b (2015) ; 23 NYCRR 500.

Insurance 60

Insurance Security Cybersecurity Data breaches 60

Hunton Privacy

AUGUST 6, 2019

On August 2, 2019, New Hampshire Governor Chris Sununu signed into law SB 194 (the “Bill”), which requires insurers licensed in the state (“licensees”) to put in place data security programs and report cybersecurity events. The state insurance commissioner may take “necessary or appropriate” action to enforce the new law.

Insurance 81

Insurance Security Cybersecurity Information Security 81

Krebs on Security

JULY 23, 2020

In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. based First American [ NYSE:FAF ] is a leading provider of title insurance and settlement services to the real estate and mortgage industries. billion in 2019.

Insurance 284

Insurance Financial Services Mining Access 284

Data Protection Report

FEBRUARY 27, 2020

Given the level of interest in the case, we have prepared a deeper-dive into the facts and the implications of the decision, with a focus on the important role played in the case by cyber insurance. Until recently, there had not been an example of a cyber insurer actively participating in a recovery action. This is set out below.

Insurance 81

Insurance Risk Data breaches Personal data 81

Data Matters

FEBRUARY 20, 2019

On January 18, 2019, the New York State Department of Financial Services (NYDFS) issued Circular Letter 2019-1 (the Circular Letter), addressing insurers’ use of external consumer data and information sources in underwriting for life insurance. Unlawful Discrimination.

Insurance 68

Insurance Financial Services Compliance Retail 68

Krebs on Security

FEBRUARY 19, 2020

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. But in a letter sent to affected individuals dated Feb. 13, 2018 and Mar.

Passwords 353

Passwords Access Insurance Government 353

Krebs on Security

JUNE 18, 2021

In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. The SEC says First American derives nearly 92 percent of its revenue from its title insurance segment, earning $7.1 This week, the U.S. billion last year.

Insurance 265

Insurance Risk Financial Services Mining 265

Krebs on Security

AUGUST 14, 2020

billion in 2019. The “RCM” portion of its name refers to “revenue cycle management,” an industry which tracks profits throughout the life cycle of each patient, including patient registration, insurance and benefit verification, medical treatment documentation, and bill preparation and collection from patients.

Ransomware 358

Ransomware Insurance Phishing IT 358

Hunton Privacy

SEPTEMBER 3, 2019

On August 29, 2019, the Maryland Insurance Administration issued new breach notification requirements for entities that provide health insurance or related services. The new requirements will apply to insurers, non-profit health plans, HMOs, third-party administrators, and certain other managed care entities.

Insurance 40

Insurance Security IT 40

Hunton Privacy

FEBRUARY 29, 2024

It filed a breach report with OCR in February 2019, which then investigated the organization’s data practices starting in December 2019. This marks the second such settlement with a HIPAA-regulated entity for violations that were discovered following a ransomware attack, according to HHS.

Ransomware 111

Ransomware Personal data Risk Privacy 111

Hunton Privacy

OCTOBER 14, 2019

Join us on October 28, 2019, at 12:00 p.m. A SAFETY Act designation or certification complements a company’s traditional insurance policies to mitigate the potential liabilities from a cyber or physical attack.

Insurance 49

Insurance Security Retail Risk 49

Security Affairs

JULY 21, 2021

Experts found a DB containing sensitive health insurance data belonging to customers of US insurance giant Humana. An SQL database containing what appears to be highly sensitive health insurance data of more than 6,000 patients has been leaked on a popular hacker forum. Drug prescription listings).

Insurance 111

Insurance Passwords Libraries Access 111

Security Affairs

DECEMBER 28, 2022

The chief executive of insurance giant Zurich warns that cyber attacks, rather than natural catastrophes, will become uninsurable. Mario Greco, chief executive of insurer giant Zurich, has warned that cyber attacks will become soon “uninsurable.”. What will become uninsurable is going to be cyber,” Mario Greco told the Financial Times.

Insurance 93

Insurance Risk Ransomware IT 93

Hunton Privacy

JULY 1, 2022

(“Carnival”), the world’s largest cruise-ship operator, for violations of the Cybersecurity Regulation (23 NYCRR Part 500) in connection with four cybersecurity events between 2019 and 2021, including two ransomware events. .

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

IT Governance

MAY 30, 2019

The cyber security story for May 2019 is much the same as it was last month, with one mammoth breach raising the monthly total. which breached sixteen years’ worth of insurance data. leaked sixteen years’ worth of title insurance records (885 million). The post List of data breaches and cyber attacks in May 2019 – 1.39

Data breaches 112

Data breaches Personal data Ransomware Phishing 112

IT Governance

OCTOBER 24, 2019

The insurance firm Hiscox found that 61% of organisations were compromised in the past 12 months. Consider that the 2019 SonicWall Cyber Threat Report identified a record-high 10.52 But while they focus on the negatives, Cisco’s 2019 Data Privacy Benchmark Study has looked at the ways the GDPR has been a success.

Data breaches 56

Data breaches GDPR Compliance Insurance 56

Krebs on Security

MAY 31, 2019

That measure, which went into effect in March 2019 and is considered among the toughest in the nation, requires financial companies to regularly audit and report on how they protect sensitive data, and provides for fines in cases where violations were reckless or willful. ”

Financial Services 203

Financial Services Insurance Sales Authentication 203

Data Matters

SEPTEMBER 20, 2021

The National Association of Insurance Commissioners (NAIC) held its Summer 2021 National Meeting (Summer Meeting) August 14-17, 2021. Highlights include, among others, adoption of revised risk-based capital bond factors for life insurers, amendments to SSAP No. NAIC Adopts Revised Risk-Based Capital Bond Factors for Life Insurers.

Insurance 88

Insurance e-Delivery Paper Sales 88

Data Protection Report

JUNE 2, 2021

million settlement with two related insurance companies, relating to violations of two different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2019. This matter began when insurance affiliate #1, licensed by NYDFS, discovered a phishing email in September of 2018. NYDFS Cybersecurity Regulation.

Cybersecurity 70

Cybersecurity Insurance Financial Services Phishing 70

IT Governance

JUNE 27, 2019

June 2019’s total of 39,713,046 breached records is the lowest since May last year – the month that the GDPR (General Data Protection Regulation) came into effect. Virginia-based insurer Dominion National investigating data breach dating back to 2010 (unknown). The post List of data breaches and cyber attacks in June 2019 ­– 39.7

Data breaches 111

Data breaches Personal data Ransomware GDPR 111

IT Governance

DECEMBER 27, 2019

A royal baby, a fire at Notre-Dame, the highest grossing film of all time and more than 12 billion breached data records: 2019 has been quite a year. IT Governance is closing out the year by rounding up 2019’s biggest information security stories. Part one covers January to June, and will be followed by part in the coming days.

Data breaches 69

Data breaches GDPR Passwords Personal data 69

IT Governance

FEBRUARY 26, 2019

I count this month’s total of leaked records to be 692,853,046, bringing 2019’s total to 2,462,038,109. Possibility of data breach with mySalam health insurance scheme, Perkasa claims. The post List of data breaches and cyber attacks in February 2019 – 692,853,046 records leaked appeared first on IT Governance Blog.

Data breaches 109

Data breaches Sales Phishing Ransomware 109

IT Governance

AUGUST 6, 2019

Students and undergraduate applicants to Lancaster University had their personal details stolen in a pair of breaches that were disclosed on 22 July 2019. Patients were also offered free one-year membership to an identity protection service, covering insurance, credit monitoring and identity theft recovery.

Phishing 79

Phishing Personal data Passwords Access 79

Dark Reading

JUNE 24, 2019

Dominion National first spotted something awry in April of 2019.

Data breaches 96

Data breaches Insurance 96

Data Protection Report

SEPTEMBER 23, 2021

The matter involved one of France’s largest insurers, SGAM AG2R LA MONDIALE, which was subject to an inspection by the French data protection authority (the CNIL), in 2019. The CNIL’s inspection included the insurer’s compliance with Section 5-1(e) of GDPR , which reads: Personal data shall be. Perhaps the CNIL’s €1.75

Personal data 109

Personal data Insurance GDPR Record destruction 109

Krebs on Security

JUNE 4, 2019

1, 2018 and March 30, 2019. AMCA has advised LabCorp that Social Security Numbers and insurance identification information are not stored or maintained for LabCorp consumers.” Many readers wrote in to say they’d never heard of First American, but it is the largest title insurance company in the United States.

Insurance 242

Insurance Data Privacy Access Security 242

Data Matters

DECEMBER 11, 2018

The National Association of Insurance Commissioners (NAIC) held its Fall 2018 National Meeting (Fall Meeting) in San Francisco, California, from November 15 to 18, 2018. NAIC Continues its Evaluation of Insurers’ Use of Big Data. systemic risk of insurers with other parts of the financial system, notably the banking.

Insurance 68

Insurance Paper Risk Big data 68

eDiscovery Law

DECEMBER 17, 2021

Key Insight: The attorney-client privilege for legal invoices is implicitly waived when those invoices are the primary form of direct evidence for the lawsuit.

Insurance 40

Insurance 40

OpenText Information Management

JANUARY 10, 2019

The industry is currently experiencing unprecedented disruption from factors like new market entrants (FinTechs, InsurTechs), evolving regulatory changes, increasing incidents of cyber-crime, mandates to reduce costs and deliver efficiencies across the enterprise, and expectations to deliver … The post A time of reflection: Five tips for Financial (..)

Financial Services 63

Financial Services Marketing IT Insurance 63

Security Affairs

OCTOBER 24, 2021

Stolen data spans from 2006 and 2019, local media outlets have confirmed their authenticity. “The cybercriminals put up for sale for $ 800 a database of 50 million lines with the data of drivers that were registered in Moscow and the Moscow region from 2006 to 2019. . ” continues the post.

Sales 100

Sales Insurance Analytics Authentication 100

Data Matters

SEPTEMBER 7, 2022

The National Association of Insurance Commissioners (NAIC) held its Summer 2022 National Meeting (Summer Meeting) August 9–13, 2022. The Privacy Working Group has been reviewing state insurance privacy protections regarding the collection, ownership, use, and disclosure of information gathered in connection with insurance transactions.

Insurance 78

Insurance Paper Privacy Risk 78

Security Affairs

JUNE 12, 2021

According to a letter sent by the company to the Maine Attorney General and reported by TechCrunch , the subsidiary company left customer data spanning 2014 to 2019 unsecured online between August 2019 and May 2021. “This included information gathered for sales and marketing purposes from 2014 to 2019. .”

Data breaches 122

Data breaches Sales Insurance Marketing 122

Security Affairs

OCTOBER 6, 2023

.” The Company states that its cybersecurity insurance will cover the financial losses and future expenses, however, the full scope of the costs and related impacts has yet to be determined.

Ransomware 117

Ransomware Insurance Cybersecurity IT 117