Data Matters

SEPTEMBER 4, 2019

The National Association of Insurance Commissioners (NAIC) held its Summer 2019 National Meeting (Summer Meeting) in New York City from August 3 to 6, 2019. The amended regulation took effect on August 1, 2019, for annuity products and will become effective on February 1, 2020, for life insurance products.

Insurance 68

Insurance Paper Risk Analytics 68

Adam Levin

JUNE 25, 2018

South Carolina became the first state to pass a law requiring all insurance entities to create and maintain a cybersecurity and data breach response program. . The law itself was drafted by the National Association of Insurance Commissioners’ Cybersecurity Working Group, and was adapted from a similar proposal in New York.

Insurance 40

Insurance Cybersecurity Data breaches Government 40

Data Matters

JANUARY 14, 2019

On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. The Act is designed to “establish standards for data security and for the investigation and notification to the Superintendent of Insurance of a cybersecurity event.”.

Insurance 68

Insurance Security Cybersecurity Data breaches 68

Krebs on Security

FEBRUARY 19, 2020

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. But in a letter sent to affected individuals dated Feb. 13, 2018 and Mar.

Passwords 354

Passwords Access Insurance Government 354

Krebs on Security

JUNE 18, 2021

In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. The SEC says First American derives nearly 92 percent of its revenue from its title insurance segment, earning $7.1 This week, the U.S. First American Financial Corp. billion last year.

Insurance 272

Insurance Risk Financial Services Mining 272

Krebs on Security

AUGUST 14, 2020

billion in 2019. The “RCM” portion of its name refers to “revenue cycle management,” an industry which tracks profits throughout the life cycle of each patient, including patient registration, insurance and benefit verification, medical treatment documentation, and bill preparation and collection from patients.

Ransomware 360

Ransomware Insurance Phishing IT 360

Data Matters

JULY 30, 2018

In October 2017, the National Association of Insurance Commissioners (NAIC) adopted an Insurance Data Security Model Law. On May 3, 2018, South Carolina became the first state to enact this Model Law, in the form of the South Carolina Insurance Data Security Act (H.B. See CT Gen Stat § 38a-999b (2015) ; 23 NYCRR 500.

Insurance 60

Insurance Security Cybersecurity Data breaches 60

Hunton Privacy

AUGUST 6, 2019

On August 2, 2019, New Hampshire Governor Chris Sununu signed into law SB 194 (the “Bill”), which requires insurers licensed in the state (“licensees”) to put in place data security programs and report cybersecurity events. The state insurance commissioner may take “necessary or appropriate” action to enforce the new law.

Insurance 81

Insurance Security Cybersecurity Information Security 81

Data Protection Report

FEBRUARY 27, 2020

Given the level of interest in the case, we have prepared a deeper-dive into the facts and the implications of the decision, with a focus on the important role played in the case by cyber insurance. Until recently, there had not been an example of a cyber insurer actively participating in a recovery action. This is set out below.

Insurance 81

Insurance Risk Data breaches Personal data 81

Hunton Privacy

FEBRUARY 29, 2024

It filed a breach report with OCR in February 2019, which then investigated the organization’s data practices starting in December 2019. This marks the second such settlement with a HIPAA-regulated entity for violations that were discovered following a ransomware attack, according to HHS. Investigate all likely policy violations.

Ransomware 111

Ransomware Personal data Risk Privacy 111

Data Matters

FEBRUARY 20, 2019

On January 18, 2019, the New York State Department of Financial Services (NYDFS) issued Circular Letter 2019-1 (the Circular Letter), addressing insurers’ use of external consumer data and information sources in underwriting for life insurance. Unlawful Discrimination.

Insurance 68

Insurance Financial Services Compliance Retail 68

Security Affairs

DECEMBER 28, 2022

The chief executive of insurance giant Zurich warns that cyber attacks, rather than natural catastrophes, will become uninsurable. Mario Greco, chief executive of insurer giant Zurich, has warned that cyber attacks will become soon “uninsurable.”.

Insurance 91

Insurance Risk Ransomware IT 91

Hunton Privacy

SEPTEMBER 3, 2019

On August 29, 2019, the Maryland Insurance Administration issued new breach notification requirements for entities that provide health insurance or related services. The new requirements will apply to insurers, non-profit health plans, HMOs, third-party administrators, and certain other managed care entities.

Insurance 40

Insurance Security IT 40

Security Affairs

JULY 21, 2021

Experts found a DB containing sensitive health insurance data belonging to customers of US insurance giant Humana. An SQL database containing what appears to be highly sensitive health insurance data of more than 6,000 patients has been leaked on a popular hacker forum. Drug prescription listings). Who had access to the data?

Insurance 112

Insurance Passwords Libraries Access 112

Hunton Privacy

JULY 1, 2022

Carnival”), the world’s largest cruise-ship operator, for violations of the Cybersecurity Regulation (23 NYCRR Part 500) in connection with four cybersecurity events between 2019 and 2021, including two ransomware events. . NYDFS also found that Carnival had failed to implement basic protocols to prevent data breaches.

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

Hunton Privacy

OCTOBER 14, 2019

Join us on October 28, 2019, at 12:00 p.m. A SAFETY Act designation or certification complements a company’s traditional insurance policies to mitigate the potential liabilities from a cyber or physical attack.

Insurance 49

Insurance Security Retail Risk 49

IT Governance

MAY 30, 2019

The cyber security story for May 2019 is much the same as it was last month, with one mammoth breach raising the monthly total. which breached sixteen years’ worth of insurance data. leaked sixteen years’ worth of title insurance records (885 million). The post List of data breaches and cyber attacks in May 2019 – 1.39

Data breaches 112

Data breaches Personal data Ransomware Phishing 112

Krebs on Security

MAY 31, 2019

That measure, which went into effect in March 2019 and is considered among the toughest in the nation, requires financial companies to regularly audit and report on how they protect sensitive data, and provides for fines in cases where violations were reckless or willful. ”

Financial Services 208

Financial Services Insurance Sales Authentication 208

IT Governance

OCTOBER 24, 2019

The insurance firm Hiscox found that 61% of organisations were compromised in the past 12 months. Consider that the 2019 SonicWall Cyber Threat Report identified a record-high 10.52 But while they focus on the negatives, Cisco’s 2019 Data Privacy Benchmark Study has looked at the ways the GDPR has been a success.

Data breaches 56

Data breaches GDPR Compliance Insurance 56

IT Governance

JUNE 27, 2019

June 2019’s total of 39,713,046 breached records is the lowest since May last year – the month that the GDPR (General Data Protection Regulation) came into effect. Virginia-based insurer Dominion National investigating data breach dating back to 2010 (unknown). The post List of data breaches and cyber attacks in June 2019 ­– 39.7

Data breaches 111

Data breaches Personal data Ransomware GDPR 111

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

IT Governance

DECEMBER 27, 2019

A royal baby, a fire at Notre-Dame, the highest grossing film of all time and more than 12 billion breached data records: 2019 has been quite a year. IT Governance is closing out the year by rounding up 2019’s biggest information security stories. Part one covers January to June, and will be followed by part in the coming days.

Data breaches 69

Data breaches GDPR Passwords Personal data 69

Security Affairs

OCTOBER 6, 2023

” The Company states that its cybersecurity insurance will cover the financial losses and future expenses, however, the full scope of the costs and related impacts has yet to be determined. The incident affected hotel reservation systems in the United States and other IT systems that run the casino floors.

Ransomware 116

Ransomware Insurance Cybersecurity IT 116

Data Matters

SEPTEMBER 20, 2021

The National Association of Insurance Commissioners (NAIC) held its Summer 2021 National Meeting (Summer Meeting) August 14-17, 2021. Highlights include, among others, adoption of revised risk-based capital bond factors for life insurers, amendments to SSAP No. NAIC Adopts Revised Risk-Based Capital Bond Factors for Life Insurers.

Insurance 88

Insurance e-Delivery Paper Sales 88

IT Governance

AUGUST 6, 2019

Students and undergraduate applicants to Lancaster University had their personal details stolen in a pair of breaches that were disclosed on 22 July 2019. Your employees receive an average of 4.8 phishing emails every week. That’s why we’ve decided to review phishing attacks in practice. Hackers publish list of stolen Discord credentials.

Phishing 79

Phishing Personal data Passwords Access 79

Data Protection Report

JUNE 2, 2021

million settlement with two related insurance companies, relating to violations of two different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2019. This matter began when insurance affiliate #1, licensed by NYDFS, discovered a phishing email in September of 2018. NYDFS Cybersecurity Regulation.

Cybersecurity 71

Cybersecurity Insurance Financial Services Phishing 71

Krebs on Security

JUNE 4, 2019

1, 2018 and March 30, 2019. AMCA has advised LabCorp that Social Security Numbers and insurance identification information are not stored or maintained for LabCorp consumers.” Medical testing giant LabCorp. said today personal and financial data on some 7.7 But today’s disclosure by LabCorp. In a filing today with the U.S.

Insurance 247

Insurance Data Privacy Access Security 247

Krebs on Security

FEBRUARY 20, 2024

First surfacing in September 2019, the gang is estimated to have made hundreds of millions of U.S. The government says Russian national Artur Sungatov used LockBit ransomware against victims in manufacturing, logistics, insurance and other companies throughout the United States. Department of Justice (DOJ). ” one denizen quipped.

Ransomware 266

Ransomware Encryption Insurance Manufacturing 266

IT Governance

FEBRUARY 26, 2019

I count this month’s total of leaked records to be 692,853,046, bringing 2019’s total to 2,462,038,109. Possibility of data breach with mySalam health insurance scheme, Perkasa claims. The post List of data breaches and cyber attacks in February 2019 – 692,853,046 records leaked appeared first on IT Governance Blog.

Data breaches 109

Data breaches Sales Phishing Ransomware 109

Data Protection Report

SEPTEMBER 23, 2021

The matter involved one of France’s largest insurers, SGAM AG2R LA MONDIALE, which was subject to an inspection by the French data protection authority (the CNIL), in 2019. The CNIL’s inspection included the insurer’s compliance with Section 5-1(e) of GDPR , which reads: Personal data shall be. (e) Perhaps the CNIL’s €1.75

Personal data 110

Personal data Insurance GDPR Record destruction 110

IT Governance

NOVEMBER 6, 2023

Compromised information included patients’ names, dates of birth, postal addresses, Social Security numbers, diagnosis and treatment information, and health insurance information. Records breached: 815,000,000 Milford Management Corp. It secured its systems, notified law enforcement and began investigating the incident.

Data Privacy 97

Data Privacy Privacy Libraries Security 97

Krebs on Security

AUGUST 17, 2023

For example, in 2019 McAfee found that for targets in Japan, the 16Shop kit would also collect Web ID and Card Password, while US victims will be asked for their Social Security Number. You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. Image: Akamai.com.

Phishing 187

Phishing Passwords Insurance Sales 187

Security Affairs

OCTOBER 24, 2021

Stolen data spans from 2006 and 2019, local media outlets have confirmed their authenticity. This data could be stolen both directly from the insurance companies and from their contractors to whom the bases are transferred for “ringing” says Ashot Hovhannisyan. ” reads the post published by the Kommersant website.

Sales 99

Sales Insurance Analytics Authentication 99

eSecurity Planet

OCTOBER 18, 2021

The legal complaint [PDF] notes that on July 9, 2019, the day it was hit by a ransomware attack, Springhill Memorial Hospital contended that the event had “not affected patient care.” ” Cyber Insurance No Longer Reliable. Also read: Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs.

Ransomware 103

Ransomware Insurance Digital transformation Cybersecurity 103

Data Matters

DECEMBER 11, 2018

The National Association of Insurance Commissioners (NAIC) held its Fall 2018 National Meeting (Fall Meeting) in San Francisco, California, from November 15 to 18, 2018. NAIC Continues its Evaluation of Insurers’ Use of Big Data. This post summarizes the highlights from this meeting. groups with non-U.S.

Insurance 68

Insurance Paper Risk Big data 68

Data Matters

SEPTEMBER 7, 2022

The National Association of Insurance Commissioners (NAIC) held its Summer 2022 National Meeting (Summer Meeting) August 9–13, 2022. The Privacy Working Group has been reviewing state insurance privacy protections regarding the collection, ownership, use, and disclosure of information gathered in connection with insurance transactions.

Insurance 78

Insurance Paper Privacy Risk 78

IT Governance

JULY 6, 2020

million organisations fell victim to cyber crime in 2019. Beaming calculates that UK business lost almost £13 billion due to cyber crime in 2019, and when you factor in damaged assets, financial penalties and lost productivity, the total cost over the past five years is more than £87 billion. The benefits of certifying to the Standard.

Information Security 142

Information Security Phishing IoT Insurance 142