Data Matters

JANUARY 14, 2019

On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. The Act is designed to “establish standards for data security and for the investigation and notification to the Superintendent of Insurance of a cybersecurity event.”.

Insurance 68

Insurance Security Cybersecurity Data breaches 68

Data Matters

FEBRUARY 11, 2019

On December 28, 2018, Michigan adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law in the form of Michigan H.B. The Act defines licensees as persons authorized, registered, or licensed under Michigan insurance laws or required to be so. 6491 (Act). MCL § 500.550.

Insurance 68

Insurance Security Cybersecurity FOIA 68

Data Matters

JUNE 23, 2022

Kentucky and Maryland recently continued the trend of state insurance departments adopting some version of the National Association of Insurance Commissioners’ (“NAIC”) Insurance Data Security Model Law. The post Kentucky and Maryland Recently Joined Other States in Adopting NAIC Model Data Security Law.

Insurance 103

Insurance Security Cybersecurity Information Security 103

Security Affairs

NOVEMBER 2, 2023

Okta warns approximately 5,000 employees that their personal information was compromised due to a third-party vendor data breach. Cloud identity and access management solutions provider Okta warns nearly 5,000 employees that their personal information was exposed due to a data breach suffered by the third-party vendor Rightway Healthcare.

Data breaches 123

Data breaches Insurance Access Authentication 123

IBM Big Data Hub

APRIL 24, 2024

An online retailer always gets users’ explicit consent before sharing customer data with its partners. A navigation app anonymizes activity data before analyzing it for travel trends. One cannot overstate the importance of data privacy for businesses today. The user can accept or reject each use of their data individually.

Data Privacy 83

Data Privacy Privacy GDPR Personal data 83

Data Matters

JULY 30, 2018

In October 2017, the National Association of Insurance Commissioners (NAIC) adopted an Insurance Data Security Model Law. On May 3, 2018, South Carolina became the first state to enact this Model Law, in the form of the South Carolina Insurance Data Security Act (H.B.

Insurance 60

Insurance Security Cybersecurity Data breaches 60

The Last Watchdog

AUGUST 19, 2021

At the start of this week, word got out that hackers claimed to have seized personal data for as many as 100 million T-Mobile patrons. Once more, a heavily protected enterprise network has been pillaged by data thieves. it’s notable that T-Mobile only learned about the breach when the data went up for sale.

Data breaches 306

Data breaches Authentication Access Personal data 306

Rocket Software

AUGUST 17, 2020

For some sectors, like finance, security and data protection are top of mind for everything that is done. Financial services organizations typically experience the most data breaches and hacks, which makes security a priority. Patient data is highly sensitive and confidential. What is Multi-factor Authentication?

Authentication 52

Authentication Financial Services Passwords Insurance 52

The Last Watchdog

JUNE 9, 2022

Phishing emails may ask for personal information like a log-in or Social Security number to authenticate your account, or they may urge you to share your credit card payment details. A criminal exploiting someone’s medical or insurance details to make fraudulent claims is known as medical identity theft. Identity-theft.

Privacy 274

Privacy Security Phishing Insurance 274

Krebs on Security

AUGUST 12, 2019

Securities and Exchange Commissio n (SEC) is investigating a security failure on the Web site of real estate title insurance giant First American Financial Corp. No authentication was required to view the documents. In its letter, the SEC asked Shoval to preserve and share any documents or evidence he had related to the data exposure.

Insurance 222

Insurance Access Authentication Cybersecurity 222

Data Protection Report

OCTOBER 3, 2021

Effective October 1, 2021, an amendment [1] to the Connecticut General Statute concerning data privacy breaches, Section 36a-701b, will impact notification obligations in several significant ways. Required Identity Theft Prevention Services. Additional Considerations for Businesses.

Data breaches 142

Data breaches IT Insurance Passwords 142

Security Affairs

JANUARY 18, 2023

On December 12, 2022, the Cybernews research team discovered a publicly accessible database with 260GB of sensitive personal data belonging to myrocket.co, offering ‘end-to-end’ recruitment solutions and HR services for companies in India. Treasure trove of data. The discovered database was not protected by authentication.

Privacy 91

Privacy Insurance Personal data Phishing 91

Security Affairs

OCTOBER 24, 2021

The threat actors claim to have obtained the data from an insider in the local police, they published a sample of database records containing model of the car, its registration and VIN number, date of registration, engine power, name of the owner, date of birth, and phone number. . ” continues the post. . ” continues the post.

Sales 103

Sales Insurance Analytics Authentication 103

IT Governance

NOVEMBER 6, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. When MOVEit was hacked by the Russian Cl0p ransomware gang in May, email addresses and links to government employee surveys were compromised.

Data Privacy 97

Data Privacy Privacy Libraries Security 97

Hunton Privacy

JULY 1, 2022

In its consent order , the Department noted that the cybersecurity events had caused the exposure of a substantial amount of sensitive personal data belonging to Carnival’s customers, including those residing in New York. NYDFS also found that Carnival had failed to implement basic protocols to prevent data breaches.

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

Data Matters

SEPTEMBER 18, 2019

Under the revised Payment Services Directive (2015/2366) (PSD2), the European Banking Authority (EBA) and the European Commission were required to develop and adopt regulatory technical standards on strong customer authentication and common and secure open standards of communication. STRONG CUSTOMER AUTHENTICATION. What is SCA?

Authentication 102

Authentication e-Delivery Risk Sales 102

Krebs on Security

JANUARY 29, 2021

The unprecedented volume of unemployment insurance fraud witnessed in 2020 hasn’t abated, although news coverage of the issue has largely been pushed off the front pages by other events. The scammers typically use stolen identity data to claim benefits, and then have the funds credited to an online account that they control.

Insurance 297

Insurance Personal data Authentication IT 297

Security Affairs

JANUARY 20, 2023

PayPal is sending out data breach notifications to thousands of users because their accounts were compromised through credential stuffing attacks. Then, they enter those accounts for the purpose of abusing permissions, siphoning out data, or both. ” said Gal. ” said Gal.

Data breaches 94

Data breaches Passwords Insurance Access 94

Krebs on Security

MAY 31, 2019

That measure, which went into effect in March 2019 and is considered among the toughest in the nation, requires financial companies to regularly audit and report on how they protect sensitive data, and provides for fines in cases where violations were reckless or willful. No authentication was needed to access the digitized records.

Financial Services 207

Financial Services Insurance Sales Authentication 207

Security Affairs

MARCH 17, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 112

Data breaches Security Computer and Electronics Ransomware 112

Krebs on Security

DECEMBER 8, 2022

The CLOP members said one tried-and-true method of infecting healthcare providers involved gathering healthcare insurance and payment data to use in submitting requests for a remote consultation on a patient who has cirrhosis of the liver. Encrypting sensitive data wherever possible. ” .

Ransomware 257

Ransomware Metadata Insurance Encryption 257

DLA Piper Privacy Matters

SEPTEMBER 6, 2023

Authors: Carolyn Bigg, Gwyneth To and Rachel De Souza Start preparing now to comply with India’s new data protection law. The DPDP Act is India’s first comprehensive law on the protection of personal data and comes six years after the Supreme Court of India first declared a fundamental right to privacy in the Puttaswarmy case in 2017.

Personal data 111

Personal data GDPR Data breaches Compliance 111

Dark Reading

MAY 24, 2019

Real estate title firm reportedly has closed a hole in its website that had left hundreds of millions of real estate tile insurance files accessible without authentication, according to KrebsOnSecurity.

Insurance 94

Insurance Authentication Access IT 94

Security Affairs

MARCH 25, 2021

Researchers discovered the availability in the DarK Web of 30M of records of Americans affected by the Astoria Company data breach. Collected data si shared with a number of partner sites (such as insurance or loan agencies), that pay per lead referral. social security numbers (these numbers were later proven to be inflated).

Data breaches 112

Data breaches Sales Insurance Marketing 112

Hunton Privacy

NOVEMBER 20, 2013

On November 4, 2013, the China Insurance Regulatory Commission, which is the Chinese regulatory and administrative authority for the insurance sector, issued the Interim Measures for the Management of the Authenticity of Information of Life Insurance Customers (the “Measures”).

Insurance 40

Insurance Personal data Authentication Records Management 40

Security Affairs

JANUARY 4, 2022

The Broward Health public health system disclosed a massive data breach that has impacted more than 1.3 The Broward Health public health system has suffered a data breach that impacted 1,357,879 individuals. The attack took place on October 15, 2021, when threat actors breached the hospital’s network and accessed patient data.

Data breaches 90

Data breaches Passwords Insurance Access 90

Krebs on Security

JUNE 4, 2019

said today personal and financial data on some 7.7 That third party — the American Medical Collection Agency (AMCA) — also recently notified competing firm Quest Diagnostics that an intrusion in its payments Web site exposed personal, financial and medical data on nearly 12 million Quest patients. . million patients.

Insurance 246

Insurance Data Privacy Access Security 246

Data Matters

MARCH 28, 2022

Department of Health and Human Service’s Office for Civil Rights (“OCR”) issued industry guidance for Health Insurance Portability and Accountability Act (“HIPAA”) regulated entities to take preventative steps to protect against some of the more common, and often successful, cyber-attack techniques. On March 17, 2022, the U.S.

Cybersecurity 88

Cybersecurity Privacy Insurance Risk 88

Data Matters

FEBRUARY 6, 2019

On December 3, 2018, twelve attorneys general (“AGs”) jointly filed a data breach lawsuit against Medical Informatics Engineering and its subsidiary, NoMoreClipboard LLC (collectively “the Company”), an electronic health records company, in federal district court in Indiana. See Indiana v. Informatics Eng’g, Inc. , 3:18-cv-00969 (N.D.

Data breaches 83

Data breaches Computer and Electronics Security Insurance 83

Thales Cloud Protection & Licensing

MAY 9, 2022

However, even after the Colonial Pipeline attack, less than half of businesses (48%) have a formal ransomware plan according to the 2022 Thales Data Threat Report. In addition, the report found that one in five businesses have paid or would pay a ransom to get their data. Cyber insurance coverage ramps up.

Insurance 71

Insurance Ransomware Encryption Authentication 71

Krebs on Security

JULY 4, 2020

A reader who was recently the victim of unemployment insurance fraud said he was told he should create an account at the Department of Homeland Security ‘s myE-Verify website , and place a lock on his Social Security number (SSN) to minimize the chances that ID thieves might abuse his identity for employment fraud in the future.

Passwords 281

Passwords Authentication Insurance Mining 281

Thales Cloud Protection & Licensing

AUGUST 3, 2021

Protecting Medical Data Against a Cyber-Attack Pandemic. Patient records were always valued by attackers for launching sophisticated insurance fraud schemes, purchasing medical supplies or drugs, or committing other types of fraud including identity theft. Tue, 08/03/2021 - 09:44. Such was the case with the COVID-19 pandemic.

IoT 87

IoT Encryption Cloud Authentication 87

Data Matters

FEBRUARY 25, 2021

The FCA is proposing amendments to: the UK onshored versions of EU technical standards on strong customer authentication (SCA) and common and secure methods of communication (UK SCA-RTS); its Approach Document on Payment Services and Electronic Money (Approach Document); and. Authentication code. its Perimeter Guidance Manual (PERG).

Authentication 68

Authentication Paper Risk Insurance 68

Data Matters

JANUARY 28, 2022

Within a few days, data security experts at Microsoft , Palo Alto Networks (“PANW”), and Mandiant confirmed reports of increasing Russian cyberactivity and offered their own recommendations for hardening measures (many of which overlap with the Advisory). Require multi-factor authentication (MFA) for all users. The post U.S.

Cybersecurity 157

Cybersecurity Financial Services Authentication Government 157

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

eSecurity Planet

SEPTEMBER 14, 2022

A major focus of cybersecurity as an industry is its efforts to detect, root out, and respond to potential fraudsters attempting to trick companies and people out of their money, data, or both. According to data from the Federal Reserve , the 55-69 age group currently controls 41.2% So why do scammers go after older individuals more?

Energy and Utilities 120

Energy and Utilities Phishing Blockchain Cybersecurity 120

Security Affairs

OCTOBER 9, 2021

The company notified via mail hundreds of individuals that were impacted by the security breach and that that have had their personal data exposed in the attack. . SecurityAffairs – hacking, data breach). “CMG is not aware of any cases of identity theft, fraud, or financial losses to individuals stemming from this incident.”

Ransomware 106

Ransomware Insurance Encryption Authentication 106