Data Matters

JUNE 23, 2022

Kentucky and Maryland recently continued the trend of state insurance departments adopting some version of the National Association of Insurance Commissioners’ (“NAIC”) Insurance Data Security Model Law. The post Kentucky and Maryland Recently Joined Other States in Adopting NAIC Model Data Security Law.

Insurance 103

Insurance Security Cybersecurity Information Security 103

Security Affairs

APRIL 4, 2024

email address, phone number), date of birth, social security number, driver’s license or other government identification, financial details (e.g., According to the notification letter sent to the impacted individuals, the security breach occurred between July 7, 2023 and October 15, 2023 and was discovered on March 25, 2024.

Data breaches 98

Data breaches Insurance Government Security 98

Krebs on Security

FEBRUARY 20, 2024

The government says Russian national Artur Sungatov used LockBit ransomware against victims in manufacturing, logistics, insurance and other companies throughout the United States. This prompted several XSS members to start posting memes taunting the group about the security failure. Ivan Gennadievich Kondratyev , a.k.a.

Ransomware 274

Ransomware Encryption Insurance Manufacturing 274

Security Affairs

FEBRUARY 12, 2024

The Canadian government is going to ban the tool Flipper Zero because it is abused by crooks to steal vehicles in the country. The Canadian government announced that it plans to ban the tool Flipper Zero , and similar hacking devices, to curb the surge in car thefts. ” reads a statement from the Canadian Government. .

Sales 100

Sales Government Insurance IT 100

eDiscovery Daily

FEBRUARY 12, 2024

There was also a greater embracing of new ways of getting legal done, with can’t-be-ignored tech like GenAI, data management and handling the ever-growing modern data in discovery cracking open the remaining closed doors to innovation for law firms, government and corporate teams alike.

CMS 41

CMS Phishing Communications Insurance 41

eDiscovery Daily

FEBRUARY 11, 2024

There was also a greater embracing of new ways of getting legal done, with can’t-be-ignored tech like GenAI, data management and handling the ever-growing short message data in discovery cracking open the remaining closed doors to innovation for law firms, government and corporate teams alike.

CMS 41

CMS Phishing Communications Insurance 41

Data Protection Report

AUGUST 29, 2022

On July 13, 2022, the Office of the Superintendent of Financial Institutions (OSFI) released its final Guideline B-13 (the Guideline), setting out technology and cyber risk management expectations for all federally regulated financial institutions (FRFIs), such as banks, insurance and trust companies. Read the full update here.

Risk 116

Risk Insurance Cybersecurity Government 116

IT Governance

MAY 7, 2024

Publicly disclosed data breaches and cyber attacks: in the spotlight More than 6 million accounts compromised from streaming service MovieBoxPro MovieBoxPro, a streaming service of “questionable legality”, suffered a data scraping incident on 15 April 2024, according to Have I Been Pwned. Data breached: 395 GB.

Data breaches 59

Data breaches Education Manufacturing Retail 59

Security Affairs

FEBRUARY 27, 2024

Optum Solutions is a subsidiary of UnitedHealth Group, a leading health insurance company in the United States. “On February 21, 2024, UnitedHealth Group (the “Company”) identified a suspected nation-state associated cyber security threat actor had gained access to some of the Change Healthcare information technology systems. .

Ransomware 91

Ransomware Government Insurance Manufacturing 91

Security Affairs

FEBRUARY 28, 2024

The US agencies released a report containing IOCs and TTPs associated with the ALPHV Blackcat RaaS operation identified through law enforcement investigations conducted as recently as February 2024. municipal governments, defense contractors, and critical infrastructure organizations).” ” reads the joint advisory.

Ransomware 106

Ransomware Government Insurance Manufacturing 106

Data Protection Report

JANUARY 4, 2024

Does the national defense bill (National Defense Authorization Act for Fiscal Year 2024, signed on December 22, 2023) require the Department of Defense to develop a “bug bounty” program for certain large artificial intelligence models being integrated into the missions and operations of the Department of Defense? Answers are below.

Privacy 110

Privacy Cybersecurity Artificial Intelligence e-Discovery 110

Data Matters

SEPTEMBER 7, 2022

The National Association of Insurance Commissioners (NAIC) held its Summer 2022 National Meeting (Summer Meeting) August 9–13, 2022. The Privacy Working Group has been reviewing state insurance privacy protections regarding the collection, ownership, use, and disclosure of information gathered in connection with insurance transactions.

Insurance 78

Insurance Paper Privacy Risk 78

eSecurity Planet

MARCH 3, 2023

The initiatives that stand out the most — critical infrastructure security standards, a national data privacy and security law, and liability for security failures — will likely take time and the support of Congress to implement. is the creation of mandatory requirements for critical infrastructure security.

Cybersecurity 106

Cybersecurity Government Manufacturing Personal data 106

IBM Big Data Hub

MARCH 20, 2024

With more dependency on technology and third and fourth parties, expectations are increasing for organizations to continue delivering critical business services through a major disruption in a safe and secure manner. This means actively minimizing downtime and closing gaps in the supply chain to remain competitive.

Cloud 80

Cloud Financial Services Risk Business Services 80

Data Protection Report

APRIL 30, 2024

On April 15, 2024, the U.S. Mature privacy programs must coordinate with their information governance counterparts to develop guidance that actually helps their employees organize their data and effectively delete information they no longer need. Our Take It is becoming routine for U.S. We are seeing order after order in the U.S.

Personal data 85

Personal data Privacy Information governance Compliance 85

Hunton Privacy

MAY 10, 2022

The CTDPA exempts certain entities, including, for example, state and local government entities, nonprofits, higher education institutions, financial institutions subject to the Gramm-Leach-Bliley Act (“GLB”), and qualifying covered entities and business associates subject to the Health Insurance Portability and Accountability Act (“HIPAA”).

Privacy 118

Privacy Personal data Sales B2B 118

Security Affairs

FEBRUARY 8, 2024

26 key cyber security stats for 2024 that every user should know, from rising cyber crime rates to the impact of AI technolog y. Cyber Insurance: US cyber insurance premiums soared by 50% in 2022, reaching $7.2 million unfilled cyber security jobs, showing a big need for skilled professionals. million per breach.

Security 122

Security Phishing IoT Ransomware 122

IT Governance

APRIL 22, 2024

million records from World-Check, a screening database used to screen potential customers for links to illegal activity and government sanctions. Compromised data includes names, passport numbers, Social Security numbers, online crypto account identifiers and bank account numbers.

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

IT Governance

MARCH 11, 2024

Source (New) Transport USA Yes 3,815 Okta Source 1 ; source 2 (Update) Cyber security USA Yes 3,800 Shah Dixit & Associates, P.C. Source (New) Finance USA Yes 3,494 Woodruff Sawyer Source (New) Insurance USA Yes 3,087 Blackburn College Source (New) Education USA Yes 3,039 CAIRE Inc. UniCredit fined €2.8

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

Data Matters

DECEMBER 11, 2018

The National Association of Insurance Commissioners (NAIC) held its Fall 2018 National Meeting (Fall Meeting) in San Francisco, California, from November 15 to 18, 2018. NAIC Continues its Evaluation of Insurers’ Use of Big Data. systemic risk of insurers with other parts of the financial system, notably the banking.

Insurance 68

Insurance Paper Risk Big data 68

IT Governance

APRIL 9, 2024

Kid Security breached again: children’s live GPS locations exposed on the Internet Last November , the parental control app Kid Security, which allows parents to monitor and control their children’s online safety, was found to have exposed more than 300 million records via misconfigured Elasticsearch and Logstash instances.

Data Privacy 52

Data Privacy Privacy Security Manufacturing 52

IT Governance

MARCH 5, 2024

Source (New) Engineering Japan Yes >5 TB Array Networks Source (New) Cyber security USA Yes 2.5 TB Turtlemint Source (New) Insurance India Yes 1,800,000 Chunghwa Telecom Source (New) Telecoms Taiwan Yes 1.7

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

FEBRUARY 27, 2024

The breached data includes names, addresses, emails, phone numbers, dates of birth, and financial account and Social Security numbers. The breached data may include names, Social Security numbers and health insurance information. Key date 31 March 2024 – PCI DSS v4.0 Data breached: 16,924,071 individuals’ data.

Data Privacy 52

Data Privacy Manufacturing Privacy Data breaches 52

ForAllSecure

MAY 17, 2023

Chris Gray of Deep Watch talks about the view from the inside of a virtual SOC, the ability to see threats against a large number of SMB organizations, and the changes to cyber insurance we’re seeing as a result. A lot of SMBs do not have security operations centers or SOCs. They can provide that additional security, remotely.

Insurance 40

Insurance Privacy Ransomware GDPR 40

IT Governance

JANUARY 23, 2024

Publicly disclosed data breaches and cyber attacks: in the spotlight More than 70 million email addresses added to Have I Been Pwned The security researcher Troy Hunt has added more than 70 million email addresses from the Naz.API data set to his Have I Been Pwned data breach notification service. VF Corporation confirms 35.5

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

JANUARY 16, 2024

Securities and Exchange Commission Source 1 ; source 2 (New) Public USA No 0 NETGEAR Source (New) Telecoms USA No 0 Note 1: ‘New’/‘Update’ in the first column refers to whether this breach was first publicly disclosed this week, or whether a significant update was released this week.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

JANUARY 30, 2024

Mobile network database breach exposes 750 million Indians’ personal data The Indian security company CloudSEK claims to have found the personal data of 750 million Indians for sale on an “underground forum”. Compromised data includes victims’ names, addresses, phone numbers and Aadhaar numbers (a 12-digit government identification number).

Data Privacy 52

Data Privacy Retail Privacy Manufacturing 52

IBM Big Data Hub

FEBRUARY 8, 2024

The European Parliament reached a provisional agreement on the EU AI Act in December 2023, it is now making its way through the final phases of the legislative process and is expected to rollout in stages in the second half of 2024. Dec 19, 2023 The European AI Act is currently the most comprehensive legal framework for AI regulations.

Government 80

Government Artificial Intelligence Risk Compliance 80

IT Governance

FEBRUARY 6, 2024

Source 1 ; source 2 (New) Professional services USA Yes 11,556 Poder Judicial de Santa Cruz Source (New) Legal Argentina Yes 8,732 J.D.

Data Privacy 88

Data Privacy Privacy Insurance Security 88

Data Matters

DECEMBER 28, 2020

The National Association of Insurance Commissioners (NAIC) held its Fall 2020 National Meeting (Fall Meeting) December 3-9, 2020. NAIC Adopts the Group Capital Calculation Template and Instructions and Related Revisions to the Insurance Holding Company Act. Insurance groups will be exempt from filing a GCC if.

Insurance 68

Insurance Paper Risk Analytics 68

Thales Cloud Protection & Licensing

JANUARY 24, 2024

Protecting Against the Risks and Managing the Complexities of a Quantum World with Thales and IBM Consulting madhav Thu, 01/25/2024 - 11:03 Contributors: Ollie Omotosho - Director, Strategir Partnerships, Thales Antti Ropponen, Head of Data & Application Security Services, IBM Consulting In the world of business, data security is paramount.

Risk 87

Risk Encryption Blockchain Authentication 87

IT Governance

JANUARY 3, 2024

billion records The security researcher Jeremiah Fowler discovered an unprotected database exposing more than 1.5 Fowler contacted the company, which secured the database. The security researcher Bob Diachenko identified the leak in September and contacted TuneFab, which fixed the misconfiguration within 24 hours.

Data Privacy 107

Data Privacy Insurance Manufacturing Retail 107

eSecurity Planet

MAY 2, 2024

Most organizations express confidence in their current status and budgets, but also expect to experience at least one data breach in 2024. Password manager : Stores passwords securely, enforces quality, permits safe internal and external sharing, and ties into HR software for effective off-boarding of users.

Cybersecurity 94

Cybersecurity Ransomware Passwords Cloud 94

IT Governance

APRIL 29, 2024

Keyboard app vulnerabilities reveal keystrokes to network eavesdroppers Security researchers have identified critical security vulnerabilities in Cloud-based pinyin keyboard apps from Baidu, Inc., We identified certain accounts that we believe are affiliated with the Spy.pet website, which we have subsequently banned.”

Data Privacy 94

Data Privacy Privacy Manufacturing Security 94

OpenText Information Management

APRIL 2, 2024

In its recent assessment, Time has identified “ungoverned AI” as one of the top risks of 2024. It’s important to recognize that an effective AI strategy is inseparable from a robust data strategy – ensuring data security is paramount in unlocking GenAI’s full potential.

Risk 76

Risk Privacy Data Privacy Paper 76

Data Matters

JULY 28, 2021

Notably, the CPA exempts data “created by a covered entity for the purposes of complying with HIPAA” but does not have an entitywide exemption for Health Insurance Portability and Accountability Act (HIPAA)-regulated entities. The requirement to accept these universal opt-out signals, however, does not go into effect until July 1, 2024.

Privacy 88

Privacy Sales Personal data Compliance 88

Security Affairs

APRIL 28, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Companies and Government Agencies ArcaneDoor – New espionage-focused campaign found targeting perimeter network devices Israel Tried to Keep Sensitive Spy Tech Under Wraps.

Security 96

Security Data breaches Ransomware Mining 96