IT Governance

NOVEMBER 6, 2023

According to the security company Resecurity , which discovered the listing, the data included victims’ name, age, gender, address, passport number and Aadhaar number (a 12-digit government identification number). It secured its systems, notified law enforcement and began investigating the incident.

Data Privacy 97

Data Privacy Privacy Libraries Security 97

Krebs on Security

JUNE 4, 2019

That third party — the American Medical Collection Agency (AMCA) — also recently notified competing firm Quest Diagnostics that an intrusion in its payments Web site exposed personal, financial and medical data on nearly 12 million Quest patients. Securities and Exchange Commission , LabCorp. 1, 2018 and March 30, 2019.

Insurance 253

Insurance Data Privacy Access Security 253

Data Matters

SEPTEMBER 18, 2019

Under the revised Payment Services Directive (2015/2366) (PSD2), the European Banking Authority (EBA) and the European Commission were required to develop and adopt regulatory technical standards on strong customer authentication and common and secure open standards of communication. STRONG CUSTOMER AUTHENTICATION. What is SCA?

Authentication 102

Authentication e-Delivery Risk Sales 102

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. NSC), relating to violations of three different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2020. NYDFS Cybersecurity Regulation.

Cybersecurity 94

Cybersecurity Financial Services Phishing Compliance 94

Data Protection Report

JULY 8, 2019

The issue giving rise to the financial penalty was a security breach relating to the company’s website notified by a user to the CNIL on 12 August 2018. According to SERGIC, the website’s security breach could have impacted around 29,440 users.

GDPR 40

GDPR Personal data Compliance Security 40

Data Protection Report

AUGUST 29, 2017

Earlier this month, Delaware revamped its data breach notification law, with changes to go into effect April 14, 2018. Most notably, the new law requires any entity that has suffered a data breach that includes social security numbers to provide free credit monitoring services to affected residents for one year.

Data breaches 40

Data breaches Insurance Encryption Passwords 40

Data Matters

APRIL 23, 2018

* This article first appeared in In-House Defense Quarterly on April 3, 2018. Information security is not yet a science; outside of the handful of issues falling under the field of cryptography, there is no formalized system of classification. Designing an Enterprise-Level Approach.

Cybersecurity 60

Cybersecurity Risk Passwords Authentication 60