Authentication, Data breaches, Financial Services and Insurance

How Multi-factor Authentication Can Benefit Your Industry

Rocket Software

AUGUST 17, 2020

For some sectors, like finance, security and data protection are top of mind for everything that is done. Financial services organizations typically experience the most data breaches and hacks, which makes security a priority. Patient data is highly sensitive and confidential. But what about healthcare?

Authentication

Authentication Financial Services Passwords Insurance

NY Charges First American Financial for Massive Data Leak

Krebs on Security

JULY 23, 2020

In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. based First American [ NYSE:FAF ] is a leading provider of title insurance and settlement services to the real estate and mortgage industries. It employs some 18,000 people and brought in $6.2

Insurance

Insurance Financial Services Mining Access

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp. Since Carnival was licensed by the Department to sell insurance in NY State, it was treated as a covered entity under the Cybersecurity Regulation.

Cybersecurity

Cybersecurity Insurance Phishing Financial Services

NY Investigates Exposure of 885 Million Mortgage Documents

Krebs on Security

MAY 31, 2019

No authentication was needed to access the digitized records. On May 29, The New York Times reported that the inquiry by New York’s Department of Financial Services is likely to be followed by other investigations from regulators and law enforcement. ”

Financial Services

Financial Services Insurance Sales Authentication

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance

Insurance Cybersecurity Data breaches Financial Services

US: Surviving the service provider data breach

DLA Piper Privacy Matters

JULY 30, 2019

It’s summer, and life’s a breach. A data breach, that is. It’s your service provider’s breach, but it involves your (more likely, your customer’s) data. So put down the beach reading, for some breach reading. Who “owns” a data breach?

Data breaches

Data breaches Cybersecurity Financial Services Risk

New York State Expected to Increase Enforcement of Cybersecurity Practices

HL Chronicle of Data Protection

FEBRUARY 25, 2020

Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the effective date of the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act or Act).

Cybersecurity

Cybersecurity Financial Services Data breaches Insurance

New York SHIELD Act $600,000 settlement

Data Protection Report

FEBRUARY 8, 2022

According to the settlement agreement, the AG concluded that EyeMed’s security practices did not meet the requirements of the SHIELD Act with respect to four requirements: authentication, password management, logging and monitoring, and data retention in the email account. In total, information for approximately 2.1 SHIELD Act.

Passwords

Passwords Financial Services Authentication Insurance

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

Data Matters

APRIL 20, 2021

This development indicates that sponsors and fiduciaries may soon be subject to focused scrutiny over their cybersecurity practices in DOL investigations and adds to the multiple existing sources of cybersecurity legal risk in the wake of data breaches or insufficient cybersecurity controls.

Cybersecurity

Cybersecurity Insurance Risk Compliance

NYDFS settles cybersecurity regulation matter for $3 million

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. NSC), relating to violations of three different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2020. NYDFS Cybersecurity Regulation.

Cybersecurity

Cybersecurity Financial Services Phishing Compliance

Expect More Spam Calls and SIM-Card Scams: 400 Million Phone Numbers Exposed

Adam Levin

SEPTEMBER 5, 2019

Once the number has been transferred, the criminal has control of any accounts that are identified by caller ID (including many financial institutions) as well as any accounts protected by two-factor authentication. It is believed this was the method used to recently hack Jack Dempsey’s Twitter account. . What You Can Do.

Mining

Mining Authentication Financial Services Privacy

NYDFS settles with EyeMed for $4.5 million

Data Protection Report

OCTOBER 24, 2022

On October 18, 2022, the New York Department of Financial Services announced a settlement with EyeMed, a licensed life, accident, and health insurer, with respect to a security incident that occurred in 2020. The settlement requires EyeMed to pay $4.5 million, among other things. Background.

Cybersecurity

Cybersecurity Personal data Risk Financial Services

Marriott Breach: More than 500 Million Guest Affected

Adam Levin

NOVEMBER 30, 2018

If you prefer a more laid back approach, sign up for free transaction alerts from financial services institutions and credit card companies, or subscribe to a credit and identity monitoring program, 3. There are some basics when it comes to protecting yourself when your information is compromised, and they are simple.

Financial Services

Financial Services Encryption Passwords Communications

Transition period under New York Cybersecurity Regulation ends March 1, 2019

Data Protection Report

JANUARY 7, 2019

The two-year transitional period under the New York State Department of Financial Services (“DFS””) Cybersecurity Regulation , 23 NYCRR 500 (the “Regulation”), will expire on March 1, 2019, with the final remaining requirement becoming effective.

Cybersecurity

Cybersecurity Compliance Financial Services Risk

50 Ways to Avoid Getting Scammed on Black Friday

Adam Levin

NOVEMBER 17, 2020

Mobile payment platforms, like Apple Pay and Google Pay, use advanced technology, like fingerprint authentication and tokenization (in which credit card account numbers are replaced by randomly generated numbers) to provide brick-and-mortar shoppers with an added layer of security. Enable two-factor authentication.

Retail

Retail e-Delivery Passwords Phishing

US: Coronavirus – Cybersecurity considerations for your newly remote workforce

DLA Piper Privacy Matters

APRIL 2, 2020

Where feasible, consider using encryption and secure file transfer platforms for the transmission of sensitive data. Multi-Factor Authentication. Multi-Factor Authentication (MFA) is a powerful tool in combating potential unauthorized access to systems where access credentials have been lost or stolen.

Cybersecurity

Cybersecurity Phishing Authentication Access

SHARED INTEL: Akamai reports web attack traffic spiked 62 percent in 2020 — all sectors hit hard

The Last Watchdog

MAY 24, 2021

billion hitting financial services organizations — an increase of more than 45 percent year-over-year in that sector. billion web app attacks last year, with more than 736 million targeting financial services. billion web attacks globally; 736 million in the financial services sector. A: Everything.

Financial Services

Financial Services Passwords Data breaches Authentication

CyberheistNews Vol 13 #25 [Fingerprints All Over] Stolen Credentials Are the No. 1 Root Cause of Data Breaches

KnowBe4

JUNE 20, 2023

1 Root Cause of Data Breaches Verizon's DBIR always has a lot of information to unpack, so I'll continue my review by covering how stolen credentials play a role in attacks. So, what does the report say about the most common threat actions that are involved in data breaches?

Data breaches

Data breaches Phishing Security awareness Ransomware

The Hacker Mind Podcast: Going Passwordless

ForAllSecure

JANUARY 19, 2022

You might not think of it as a major aspect of security and yet, stolen credentials are really the key to data breaches today. To use a service, we enter our user name and a password. But this method of authentication is flawed; either hashed or hashed and salted, usernames and passwords can still be stolen and reused.

Passwords

Passwords Authentication Access Data breaches

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

The Last Watchdog

FEBRUARY 25, 2019

The IAM vendors took single sign-on to the next level, adding multi-factor authentication and other functionalities. Our customers all have the pain point of wanting to have single sign-on for multiple applications, requiring capabilities like self-service and self-registration,” Curcio told Last Watchdog.

Access

Access Government Authentication Data breaches

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

APRIL 23, 2018

Board-management discussions about cyber risk should include identification of which risks to avoid, which to accept, and which to mitigate or transfer through insurance, as well as specific plans associated with each approach. Source Authentication. Authentication and Lifecycle Management. Principle 5. Indeed, given that U.S.

Cybersecurity

Cybersecurity Risk Passwords Authentication

President Trump Signs Financial Services Regulatory Reform Legislation

Data Matters

JUNE 5, 2018

The definition of “banking entity” now excludes insured depository institutions (and their parent companies and affiliates) if (i) the institution has less than $10 billion in total consolidated assets and (ii) the institution’s trading assets and liabilities are less than 5 percent of its total consolidated assets.

Financial Services

Financial Services Insurance Privacy Authentication

Information Management Today

How Multi-factor Authentication Can Benefit Your Industry

NY Charges First American Financial for Massive Data Leak

Trending Sources

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

NY Investigates Exposure of 885 Million Mortgage Documents

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

US: Surviving the service provider data breach

New York State Expected to Increase Enforcement of Cybersecurity Practices

New York SHIELD Act $600,000 settlement

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

NYDFS settles cybersecurity regulation matter for $3 million

Expect More Spam Calls and SIM-Card Scams: 400 Million Phone Numbers Exposed

NYDFS settles with EyeMed for $4.5 million

Marriott Breach: More than 500 Million Guest Affected

Transition period under New York Cybersecurity Regulation ends March 1, 2019

50 Ways to Avoid Getting Scammed on Black Friday

US: Coronavirus – Cybersecurity considerations for your newly remote workforce

SHARED INTEL: Akamai reports web attack traffic spiked 62 percent in 2020 — all sectors hit hard

CyberheistNews Vol 13 #25 [Fingerprints All Over] Stolen Credentials Are the No. 1 Root Cause of Data Breaches

The Hacker Mind Podcast: Going Passwordless

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

An Approach to Cybersecurity Risk Oversight for Corporate Directors

President Trump Signs Financial Services Regulatory Reform Legislation

Stay Connected