IT Governance

JUNE 1, 2022

Welcome to our May 2022 review of data breaches and cyber attacks. The post List of data breaches and cyber attacks in May 2022 – 49.8 We identified 77 security incidents during the month, resulting in 49,782,129 compromised records. If you’re facing a cyber security disaster, IT Governance is here to help.

Data breaches 127

Data breaches Ransomware Phishing Education 127

DLA Piper Privacy Matters

NOVEMBER 3, 2022

The incident, which was made public in late September 2022, is thought to have affected around 9 million individuals (almost 40% of the Australian population), with identity documents relating to approximately 2.22 million Australians being made available on the dark web. million customers.

Privacy 97

Privacy Data breaches Insurance Government 97

Data Protection Report

DECEMBER 8, 2022

Norton Rose Fulbright Canada’s cyber litigation team recently obtained an order in favour of an insurer, granting it relief from forfeiture in respect of more than 11 bitcoins from the assets seized from a prolific ransomware gang. [1] Insurers excluded from restitution order.

Ransomware 98

Ransomware Insurance IT Data breaches 98

Data Matters

MARCH 28, 2022

On March 17, 2022, the U.S. Department of Health and Human Service’s Office for Civil Rights (“OCR”) issued industry guidance for Health Insurance Portability and Accountability Act (“HIPAA”) regulated entities to take preventative steps to protect against some of the more common, and often successful, cyber-attack techniques.

Cybersecurity 88

Cybersecurity Privacy Insurance Risk 88

IT Governance

FEBRUARY 16, 2023

In a security notice filed with Montana’s Attorney General office, Pepsi explained that the breach started on 23 December 2022. The nature of the compromised data suggests that it belongs to Pepsi Bottling Ventures employees – if only because you wouldn’t expect a manufacturer to have any significant amounts of data on customers.

Data breaches 106

Data breaches Insurance Manufacturing Access 106

Hunton Privacy

MAY 10, 2022

On May 10, 2022, Connecticut Governor Ned Lamont signed An Act Concerning Personal Data Privacy and Online Monitoring , after the law was previously passed by the Connecticut General Assembly in April. Connecticut is now the fifth state to enact a consumer privacy law.

Privacy 118

Privacy Personal data Sales B2B 118

Hunton Privacy

MARCH 24, 2022

On March 24, 2022, Utah became the fourth state in the U.S., following California, Virginia and Colorado, to enact a consumer data privacy law, the Utah Consumer Privacy Act (the “UCPA”). As with the CCPA/CPRA and VCDPA, the UCPA also exempts from its application non-profit entities.

Privacy 113

Privacy Personal data Sales B2B 113

IBM Big Data Hub

OCTOBER 30, 2023

The global AI market is projected to grow to USD 190 billion by 2025, increasing at a compound annual growth rate (CAGR) of 36.62% from 2022, according to Markets and Markets. Adopting AI in business at scale is not without its challenges, including data privacy concerns, integration complexities and the need for skilled personnel.

Analytics 78

Analytics Retail Cloud Insurance 78

eSecurity Planet

FEBRUARY 14, 2023

The growing number of data privacy regulations has raised the potential consequences of cybersecurity breaches, spurring demand for GRC (governance, risk, and compliance) software. In the case of Lemonade – an online insurance company – it spent over 200 hours on the process. Lawyers have already filed a class action lawsuit.

Compliance 121

Compliance Security Cybersecurity Marketing 121

IBM Big Data Hub

JULY 7, 2023

IBM Security X-Force found the most common threat on organizations is extortion, which comprised more than a quarter (27%) of all cybersecurity threats in 2022. Sanitize computers for data erasure and destroy all records. Fines for not complying with data privacy laws can also be steep in the US.

Security 40

Security Data breaches Data Privacy Compliance 40

Data Protection Report

OCTOBER 24, 2022

On October 18, 2022, the New York Department of Financial Services announced a settlement with EyeMed, a licensed life, accident, and health insurer, with respect to a security incident that occurred in 2020. EyeMed blocked the threat actor’s access on July 1. EyeMed neither admitted nor denied the AG’s findings in the settlement.

Cybersecurity 52

Cybersecurity Personal data Risk Financial Services 52

Data Protection Report

FEBRUARY 23, 2023

Additionally, since AVs can collect data from multiple sources (e.g., multiple sensors, third-party systems) and transmit and store data using third-party sites, vehicle manufacturers should consider the wide-reaching impact of the AV system and ensure data is being protected at each potential access point.

Privacy 85

Privacy Manufacturing Artificial Intelligence Data collection 85

Data Matters

APRIL 15, 2022

Utah has become the fourth state, following California, Virginia and Colorado, to enact a comprehensive consumer data privacy law. The Utah Consumer Privacy Act (“UCPA”), formerly known as Senate Bill 227, passed the Utah Senate and House with no opposition, and was signed by Governor Cox on March 24, 2022.

Privacy 109

Privacy Personal data Sales Insurance 109

IT Governance

MAY 7, 2024

The data breached included usernames and email addresses. Data breached: 6,009,014 accounts. A further 381,000 New York City public school students affected by 2022 data breach In January 2022 , personal data from around 820,000 New York City public school students, both current and former, was breached.

Data breaches 59

Data breaches Education Manufacturing Retail 59

IT Governance

MARCH 11, 2024

Source (New) Finance USA Yes 3,494 Woodruff Sawyer Source (New) Insurance USA Yes 3,087 Blackburn College Source (New) Education USA Yes 3,039 CAIRE Inc. billion in cyber crime losses in 2023 – a 22% increase on 2022’s figures. Learn more about complying with ISO 27001:2022. New IC3 report: US lost $12.5 of the Standard.

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

ForAllSecure

MAY 17, 2023

Chris Gray of Deep Watch talks about the view from the inside of a virtual SOC, the ability to see threats against a large number of SMB organizations, and the changes to cyber insurance we’re seeing as a result. VAMOSI: Cybersecurity insurance. cyber insurance as a whole was changing heavily. And why is that?

Insurance 40

Insurance Privacy Ransomware GDPR 40

IT Governance

APRIL 9, 2024

million patients’ data via unsecured database According to DataBreaches.net, EyeCare Services Partners – a group of eye care providers based in Dallas, Texas – left 50 TB of data exposed via an unsecured blob. Other databases contained health insurance data, such as patents’ names, dates of birth, addresses and medical data.

Data Privacy 52

Data Privacy Privacy Security Manufacturing 52

IT Governance

MARCH 5, 2024

Known data breached Pure Incubation Ventures Source (New) Professional services USA Yes 183,754,481 EasyPark Source 1 ; source 2 ; source 3 (Update) Software Sweden Yes 21,100,000 Cutout.Pro Source (New) Software Hong Kong Yes 19,972,829 Optum Source 1 ; source 2 (New) Healthcare USA Yes 6 TB Kumagai Gumi Group Co.,

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

APRIL 22, 2024

Cloud, FL Source (Update) Public USA Yes 719,597 Regulator Marine Inc Source (New) Manufacturing USA Yes 630 GB Risas Dental and Braces Source 1 ; source 2 (New) Healthcare USA Yes 618,189 HUB International Source (New) Insurance USA Yes 514,477 Lee University Source 1 ; source 2 (New) Education USA Yes 387.49 We hope you found it useful.

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

IT Governance

DECEMBER 5, 2023

Other news European Parliament and Council of the European Union reach political agreement on Cyber Resilience Act The European Commission has welcomed the political agreement reached between the European Parliament and the Council of the European Union on the Cyber Resilience Act, which the Commission proposed in 2022.

Data Privacy 106

Data Privacy Privacy Manufacturing Retail 106

IT Governance

JANUARY 30, 2024

Source (New) Retail USA Yes 2,588,849 Keenan & Associates Source 1 ; source 2 (Update) Insurance USA Yes 1,509,616 AGC Group Source (New) Manufacturing Japan Yes 1.5 million customers’ personal data leaked on the dark web. TB Four Hands Source (New) Manufacturing USA Yes 1.5 Source (New) Non-profit USA Yes 25,908.62

Data Privacy 52

Data Privacy Retail Privacy Manufacturing 52

Security Affairs

FEBRUARY 8, 2024

Data Breach Costs: The average global cost of a data breach in 2023 was $4.45 Cyber Insurance: US cyber insurance premiums soared by 50% in 2022, reaching $7.2 Privacy Compliance: By 2024, 40% of privacy tools will rely on AI, highlighting its expanding role in ensuring data privacy and meeting regulations.

Security 124

Security Phishing IoT Ransomware 124

Data Matters

MAY 6, 2022

Digital health companies should take note of new data privacy and security developments under the Health Insurance Portability and Accountability Act (HIPAA) that can affect product planning and customer negotiations. Comments must be submitted by June 6, 2022. Cybersecurity Industry Newsletter.

Risk 88

Risk Cybersecurity Insurance Authentication 88

The Last Watchdog

DECEMBER 27, 2021

On the privacy front, California beefed up its consumer data privacy regulations even as Facebook and Apple publicly feuded over how each of these tech giants abuse of consumer privacy and loosey handle sensitive data. Doug Dooley, COO, Data Theorem. More than two dozen experts participated.

Privacy 235

Privacy Cybersecurity Ransomware Insurance 235

IT Governance

APRIL 29, 2024

Known data breached Discord (via Spy.pet) Source (New) IT services USA Yes 4,186,879,104 Baidu, Inc., The new iteration of the Standard, ISO 27001:2022, isn’t significantly different from ISO 27001:2013, but there are some notable changes. Learn more about complying with ISO 27001:2022. That’s it for this week’s round-up.

Data Privacy 94

Data Privacy Privacy Manufacturing Security 94

IBM Big Data Hub

JULY 6, 2023

The BRSR is the first framework in India that requires Indian companies to provide quantitative metrics on sustainability-related factors, as of fiscal year 2023—for eligible companies, April 2022 to March 2023. What are the three main disclosure areas under the BRSR?

Insurance 50

Insurance Government Data structuring Communications 50

IBM Big Data Hub

OCTOBER 12, 2023

Accounting for the complexities of the AI lifecycle Unfortunately, typical data storage and data governance tools fall short in the AI arena when it comes to helping an organization perform the tasks that underline efficient and responsible AI lifecycle management. Learn more about IBM watsonx 1.

Government 77

Government Analytics Metadata Compliance 77

eSecurity Planet

JANUARY 11, 2022

Investors, business clients, and more continue to look for secure application access for remote workers , provide real-time visibility into cyberattacks, and protect data as it travels from the cloud to edge networks and end-users and back. Read more: Top Enterprise Network Security Tools for 2022. Best Threat Detection Startups.

Cybersecurity 142

Cybersecurity Cloud Compliance Analytics 142

Data Matters

JULY 28, 2021

Like the CPRA and the VCDPA, the CPA requires businesses to notify Colorado consumers about their data privacy rights and the processing of their personal information and provide them with choices over how that information is collected, used, and disclosed by businesses active in the state. duty of data minimization.

Privacy 88

Privacy Sales Personal data Compliance 88

Collibra

JANUARY 28, 2022

The past few years have provided us with an interesting twist on this conversation—what happens to our data privacy—and the policies we put in place—when something unexpected and world-altering occurs? . We’re talking, of course, about the COVID-19 pandemic and its impact on the conversation of data privacy.

Data Privacy 52

Data Privacy Privacy Insurance Data collection 52

Collibra

MARCH 22, 2022

This was further emphasized at HIMSS 2022 where the spotlight was on the use of cloud computing solutions, artificial intelligence (AI) and the adoption of Fast Health Interoperability (FHIR) to drive transformative changes in healthcare – across telehealth, telemedicine, genomics, precision medicine and value-based care.

Digital transformation 52

Digital transformation Cloud Healthcare Computer and Electronics 52