Computer and Electronics, Data, Insurance and Security

Security Affairs newsletter Round 463 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 17, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Data breaches Security Computer and Electronics Ransomware

Maryland Court Finds Coverage for Lost Data and Slow Computers After Ransomware Attack

Hunton Privacy

FEBRUARY 5, 2020

As previously posted on our Hunton Insurance Recovery blog , a Maryland federal court awarded summary judgment to policyholder National Ink in National Ink and Stitch, LLC v. This is significant because it demonstrates that insureds can obtain insurance coverage for cyber attacks even if they do not have a specific cyber insurance policy.

Computer and Electronics

Computer and Electronics Ransomware Insurance Access

LCMHS hospital suffered a Ransomware attack at Louisiana hospital that impacted 270,000 patients

Security Affairs

DECEMBER 29, 2022

The Lake Charles Memorial Health System (LCMHS) disclosed a data breach that affected almost 270,000 patients at its medical centers. The security breach took place on October 21, 2022, when the internal security team detected unusual activity on its computer network. Health insurance information. Dates of birth.

Ransomware

Ransomware Computer and Electronics Data breaches Insurance

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

Data Matters

FEBRUARY 6, 2019

On December 3, 2018, twelve attorneys general (“AGs”) jointly filed a data breach lawsuit against Medical Informatics Engineering and its subsidiary, NoMoreClipboard LLC (collectively “the Company”), an electronic health records company, in federal district court in Indiana. See Indiana v. Informatics Eng’g, Inc. , 3:18-cv-00969 (N.D.

Data breaches

Data breaches Computer and Electronics Security Insurance

List of data breaches and cyber attacks in June 2021 – 9.8 million records breached

IT Governance

JULY 1, 2021

We found a comparatively low 9,780,931 breached records from publicly disclosed security incidents in June 2021. It’s simply the case that in the majority of cases, the breached organisation didn’t reveal how much data was compromised, either because it didn’t know or wasn’t obliged to reveal it publicly. Data breaches.

Data breaches

Data breaches Ransomware Computer and Electronics Retail

Understanding HIPAA: A Guide to Avoiding Common Violations

Armstrong Archives

AUGUST 25, 2023

The Health Insurance Portability and Accountability Act (HIPAA) ensures individuals’ health data protection and privacy. This includes insurance companies, nurses, and doctors. Healthcare has become more interconnected than ever, making it important to protect patients’ sensitive information.

Computer and Electronics

Computer and Electronics Insurance Compliance Risk

Information Management in the Not-So-Distant Future of Health Care

AIIM

APRIL 12, 2022

If I’m not Zooming with my primary care provider, I’m swapping data with a specialist via a phone app or transmitting my blood pressure readings from my remote monitor to the disembodied nurse in my voicemail who chides me with messages if I miss a reading. Your symptoms will often be diagnosable from that data. Or so it seems.

Computer and Electronics

Computer and Electronics Insurance Marketing Paper

List of data breaches and cyber attacks in December 2020 – 148 million records breached

IT Governance

JANUARY 4, 2021

We logged 134 security incidents in December, which accounted for 148,354,955 breached records. We’ll have a separate post looking at the year’s data breaches and cyber attacks in more detail, but in the meantime, you can find the full list of December’s incidents below. Data breaches. Cyber attacks. Ransomware. In other news….

Data breaches

Data breaches Ransomware Energy and Utilities Computer and Electronics

Delaware County, Pennsylvania, opted to pay 500K ransom to DoppelPaymer gang

Security Affairs

NOVEMBER 30, 2020

. “Sources said the county is in the process of paying the $500,000 ransom as it’s insured for such attacks.” “The County of Delaware recently discovered a disruption to portions of its computer network. The incident was disclosed on Monday and now Delaware County has paid a $500,000 ransom. Pierluigi Paganini.

Computer and Electronics

Computer and Electronics Ransomware Insurance Encryption

List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked

IT Governance

OCTOBER 30, 2018

Rather than posting the usual long list of data breaches and cyber attacks, I’ve decided to go down a new route. It’s been the usual mix of data breaches this month, with lots of mistakes being made and lots of ransoms being paid. First, who sends data via a posted USB stick? Social insurance numbers. Treaty card numbers.

Data breaches

Data breaches Computer and Electronics Passwords Insurance

List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked

IT Governance

OCTOBER 30, 2018

Rather than posting the usual long list of data breaches and cyber attacks, I’ve decided to go down a new route. It’s been the usual mix of data breaches this month, with lots of mistakes being made and lots of ransoms being paid. First, who sends data via a posted USB stick? Social insurance numbers. Treaty card numbers.

Data breaches

Data breaches Computer and Electronics Passwords Insurance

Saudi Arabia’s New Data Protection Law – What you need to know

DLA Piper Privacy Matters

OCTOBER 7, 2021

The Middle East’s data protection regulatory landscape is complex, and continues to develop with Saudi Arabia’s ( KSA ) newly published Personal Data Protection Law ( PDPL ). While the PDPL contains the main features of a modern data protection law, it cannot be considered a direct analogue of the GDPR. Deceased’s data.

Personal data

Personal data Compliance Computer and Electronics IoT

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

Rather than bringing substantial changes to the existing China data privacy framework, the PIPL helpfully consolidates and clarifies obligations on processing of personal information at a national law level. To be clear, this is not China’s own GDPR.

Data Privacy

Data Privacy Privacy Compliance Analytics

Business ID Theft Soars Amid COVID Closures

Krebs on Security

JULY 27, 2020

based Dun & Bradstreet [ NYSE:DNB ] is a data analytics company that acts as a kind of de facto credit bureau for companies: When a business owner wants to open a new line of credit, creditors typically check with Dun & Bradstreet to gauge the business’s history and trustworthiness. . Short Hills, N.J.-based

Energy and Utilities

Energy and Utilities Computer and Electronics Insurance Risk

Podcast Episode 119: EFF on Expanding Researchers Rights and AT&T talks IoT Security Fails

The Security Ledger

NOVEMBER 6, 2018

In this episode of the podcast, #119: Electronic Frontier Foundation General Counsel Kurt Opsahl joins us to talk about the Coders’ Rights Project. Also: we speak with Senthil Ramakrishnan, a lead member of AT&T’s IoT Security group about that company’s plans to work with Ericsson to certify the security of IoT devices.

IoT

IoT Computer and Electronics Security Insurance

What’s a Lawyer’s Duty When a Data Breach Occurs within the Law Firm: Cybersecurity Best Practices

eDiscovery Daily

APRIL 7, 2019

When I spoke at the University of Florida E-Discovery Conference last month, there was a question from the live stream audience about a lawyer’s duty to disclose a data breach within his or her law firm. Thanks to an article I came across last week, I now know that there was a recent ABA opinion on the topic. No exceptions*.

Data breaches

Data breaches Cybersecurity e-Discovery Computer and Electronics

Weekly podcast: NHS upgrade, $242m Equifax loss and prison hacker jailed

IT Governance

MAY 3, 2018

This week, we discuss a new deal between the NHS and Microsoft, the financial cost of Equifax’s massive data breach, and a jail sentence for a hacker who altered prison records. Equifax’s huge data breach, which compromised the personal data of 147.9 Hello and welcome to the IT Governance podcast for Friday, 4 May 2018.

Computer and Electronics

Computer and Electronics Insurance Data breaches Information Security

What IG Professionals Should Know About the Internet of Bodies

ARMA International

FEBRUARY 21, 2020

Those employees joined a growing number of workers in other countries – Belgium, the UK, and Sweden, to name a few – who use microchips for workplace security, convenience, and commuting. Once connected, data can be exchanged, and the body and device can be remotely monitored and controlled.” Benefits and Risks.

Computer and Electronics

Computer and Electronics Privacy Artificial Intelligence IoT

HHS Announces HIPAA Settlement with UMass

Hunton Privacy

NOVEMBER 30, 2016

On November 22, 2016, the Department of Health and Human Services (“HHS”) announced a $650,000 settlement with University of Massachusetts Amherst (“UMass”), resulting from alleged violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules. .

Computer and Electronics

Computer and Electronics Insurance Privacy Risk

First Ever Multi-State Data Breach Lawsuit Targets Healthcare Provider: Cybersecurity Trends

eDiscovery Daily

JANUARY 10, 2019

Just as the number of data breaches continues to rise, the number of lawsuits over data breaches continues to rise as well. Chances are that your data has been hacked at some point from at least one company with which you do business. But this lawsuit is unique. million US citizens. million US citizens.

Data breaches

Data breaches Cybersecurity Computer and Electronics Insurance

Fund Managers Targeted in Sophisticated Cyberattacks

Data Matters

DECEMBER 10, 2019

Regulators worldwide, including the Securities and Futures Commission of Hong Kong, have issued guidelines for reducing and mitigating hacking risks. Securities and Exchange Commission (SEC) recently discovered that 26 percent of U.S. Data privacy issues: Cyberattacks often involve identity theft. standard login passwords).

Data breaches

Data breaches Insurance Authentication Risk

Fund Managers Targeted in Sophisticated Cyberattacks

Data Matters

DECEMBER 10, 2019

Regulators worldwide, including the Securities and Futures Commission of Hong Kong, have issued guidelines for reducing and mitigating hacking risks. Securities and Exchange Commission (SEC) recently discovered that 26 percent of U.S. Data privacy issues: Cyberattacks often involve identity theft. standard login passwords).

Data breaches

Data breaches Insurance Authentication Risk

Five Steps to HIPAA Security Compliance

HIPAA

OCTOBER 16, 2013

The health insurance portability and accountability act has set various guidelines, which should be adhered to by anyone who handles any electronic medical data. Lack of compliance to the HIPAA security standards could lead to large fines and in extreme cases even loss of medical licenses.

Compliance

Compliance Computer and Electronics Security Encryption

OCR Enters into Record Settlement with Anthem

Hunton Privacy

OCTOBER 22, 2018

Anthem”) following Anthem’s 2015 data breach. Three years ago, in February 2015, OCR opened a compliance review of Anthem, the nation’s second largest health insurer, following media reports that Anthem had suffered a significant cyberattack. prevent unauthorized access to ePHI. prevent unauthorized access to ePHI.

Computer and Electronics

Computer and Electronics Passwords Data breaches Compliance

OPC reconsiders its approach to cross-border data transfers with the Equifax decision

Data Protection Report

MAY 15, 2019

In a significant recent decision, the Office of the Privacy Commissioner of Canada (OPC) altered the regulatory landscape when moving personal information between affiliated companies and across Canada’s border for data processing or storage purposes. In September 2017, Equifax Inc., s systems for four months.

IT

IT Computer and Electronics Cloud Privacy

Five Steps to HIPAA Security Compliance

HIPAA

OCTOBER 16, 2013

The health insurance portability and accountability act has set various guidelines, which should be adhered to by anyone who handles any electronic medical data. Lack of compliance to the HIPAA security standards could lead to large fines and in extreme cases even loss of medical licenses.

Compliance

Compliance Computer and Electronics Security Encryption

Five Steps to HIPAA Security Compliance

HIPAA

OCTOBER 16, 2013

The health insurance portability and accountability act has set various guidelines, which should be adhered to by anyone who handles any electronic medical data. Lack of compliance to the HIPAA security standards could lead to large fines and in extreme cases even loss of medical licenses.

Compliance

Compliance Computer and Electronics Security Encryption

German court: monitoring of employees by key logger is not allowed

Data Protection Report

AUGUST 8, 2017

Subsequently, the firm installed key logger software on its employees’ computers. When reviewing the files created by the software, the employer became aware that an employee had used his work computer for private purposes during working hours and, thereupon, terminated the employment relationship.

Computer and Electronics

Computer and Electronics Insurance Privacy GDPR

Florida Amends Breach Notification Law to Cover Health Data, Tighten Notice Deadline and Require State Regulator Notification

Hunton Privacy

JULY 10, 2014

In addition, the definition of “personal information” now includes a “username or e-mail address, in combination with a password or security question and answer that would permit access to an online account.”. steps that have been taken to rectify the breach.

Computer and Electronics

Computer and Electronics Insurance Passwords Access

Me on the Equifax Breach

Schneier on Security

NOVEMBER 8, 2017

Hearing on "Securing Consumers' Credit Data in the Age of Digital Commerce". Mister Chairman and Members of the Committee, thank you for the opportunity to testify today concerning the security of credit data. My name is Bruce Schneier, and I am a security technologist. Before the. Committee on Energy and Commerce.

Personal data

Personal data Computer and Electronics Privacy Data breaches

To get the most from blockchain in government, a sharing mindset is needed

CGI

MAY 13, 2018

When I was at university earning my Masters in Computer Science, I devoted a lot of my coursework to distributed computing. However, blockchain requires organizations to think about their data not as an asset they own, but as a shared resource—a shift in mindset that is not easy for everyone. ACT-IAC guidance. It is shared.

Blockchain

Blockchain Government Computer and Electronics Mining

Chronicle of a Records Manager: Controlling the Chaos of Disaster Response and Recovery

ARMA International

APRIL 28, 2022

I have overseen two significant projects: an electronic discovery production and disaster response and recovery effort. Covering all computers and file cabinets in plastic sheeting. . The plan was to meet the insurance coordinator at the Howard Avenue office at 8:30 a.m. The insurance coordinator proposed stabilizing in place.

Records Management

Records Management Archiving Insurance Communications

German DPAs Address a Wide Range of Topics at Annual Conference and Adopt Resolutions

Hunton Privacy

OCTOBER 9, 2013

On October 2, 2013, the 86th Conference of the German Data Protection Commissioners concluded in Bremen. securing electronic communications by implementing and developing end-to-end encryption. The DPAs request further development of the data protection framework at the national and international level.

Computer and Electronics

Computer and Electronics Encryption Communications Insurance

The Week in Cyber Security and Data Privacy: 26 February – 3 March 2024

IT Governance

MARCH 5, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: 183,754,481 records. EasyPark data breach: 21.1 million data records belonging to EasyPark have been listed for sale on a hacking forum.

Data Privacy

Data Privacy Privacy Manufacturing Retail

2019 end-of-year review part 1: January to June

IT Governance

DECEMBER 27, 2019

A royal baby, a fire at Notre-Dame, the highest grossing film of all time and more than 12 billion breached data records: 2019 has been quite a year. IT Governance is closing out the year by rounding up 2019’s biggest information security stories. Part one covers January to June, and will be followed by part in the coming days.

Data breaches

Data breaches GDPR Passwords Personal data

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

Krebs on Security

JULY 24, 2018

Now the financial institution is suing its insurance provider for refusing to fully cover the losses. That second computer had the ability to manage National Bank customer accounts and their use of ATMs and bank cards. In June of 2016, National Bank implemented additional security protocols, as recommended by FirstData.

Insurance

Insurance Computer and Electronics Phishing Access

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

Until recently, I was fairly active on Twitter , regularly tweeting to more than 350,000 followers about important security news and stories here. Facing a backlash from lawmakers and the public, the IRS soon reverses course , saying video selfies will be optional and that any biometric data collected will be destroyed after verification.

Passwords

Passwords Ransomware Computer and Electronics Encryption

The Week in Cyber Security and Data Privacy: 22 – 28 January 2024

IT Governance

JANUARY 30, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data is more than mere credentials, too – according to Cybernews, most of the exposed data is sensitive. In total, 3,876 domain names were included in the exposed data set.

Data Privacy

Data Privacy Retail Privacy Manufacturing

2017 eDiscovery Case Law Year in Review, Part 3

eDiscovery Daily

JANUARY 9, 2018

Today, let’s take a look back at cases related to possession, custody and control, subpoena of cloud provider data, waiver of privilege and the first part of the cases relating to sanctions and spoliation. Just because you don’t physically have your hands on the data doesn’t mean you’re not responsible for it. Wilkinson, Jr.

e-Discovery

e-Discovery Computer and Electronics Communications Cloud

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

What follows below is an edited version of the debate in the House of Lords of the Second Reading of the Data Protection Bill, held on 10 October. Data is not just a resource for better marketing, better service and delivery. Data is used to build products themselves. It has become a cliché that data is the new oil.

GDPR

GDPR Personal data Government IT

The Hacker Mind Podcast: Hacking High-Tech Cars

ForAllSecure

NOVEMBER 9, 2022

Often the tiny flashing light on the dashboard also alerts would-be criminals that the car is protected by the latest form of anti theft security. A sophisticated set of encryption and electronics is at work inside the vehicle. Just because it has all the bells and whistles doesn’t necessarily mean it’s secure.

Computer and Electronics

Computer and Electronics Manufacturing Encryption Communications

Multi-Factor Authentication Best Practices & Solutions

eSecurity Planet

OCTOBER 5, 2021

But even when passwords are secure, it’s not enough. Initially, security vendors only offered two-factor authentication. Since then, security vendors have introduced new methods for authentication, which can be layered to create a multi-factor authentication solution. This post has been updated for 2021. Something you have.

Authentication

Authentication Passwords Access Computer and Electronics

Best Digital Forensics Tools & Software for 2021

eSecurity Planet

AUGUST 13, 2021

For everything from minor network infractions to devastating cyberattacks and data privacy troubles , digital forensics software can help clean up the mess and get to the root of what happened. The Sleuth Kit enables administrators to analyze file system data via a library of command-line tools for investing disk images.

e-Discovery

e-Discovery Computer and Electronics Marketing Compliance

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

ARMA International

SEPTEMBER 27, 2021

Some technology trends such as real-time data analytics are ongoing, while others are more recent, such as blockchain. This means imagining the “art of the possible” for a new future using a cloud computer model to deliver transformative change. Cloud-first “Mind-shift”. 2020, p 6).

Digital transformation

Digital transformation Risk IT Computer and Electronics

Security Affairs newsletter Round 463 by Pierluigi Paganini – INTERNATIONAL EDITION

Maryland Court Finds Coverage for Lost Data and Slow Computers After Ransomware Attack

Webinars

Trending Sources

LCMHS hospital suffered a Ransomware attack at Louisiana hospital that impacted 270,000 patients

Webinars

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

List of data breaches and cyber attacks in June 2021 – 9.8 million records breached

Understanding HIPAA: A Guide to Avoiding Common Violations

Information Management in the Not-So-Distant Future of Health Care

List of data breaches and cyber attacks in December 2020 – 148 million records breached

Delaware County, Pennsylvania, opted to pay 500K ransom to DoppelPaymer gang

List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked

List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked

Saudi Arabia’s New Data Protection Law – What you need to know

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

Business ID Theft Soars Amid COVID Closures

Podcast Episode 119: EFF on Expanding Researchers Rights and AT&T talks IoT Security Fails

What’s a Lawyer’s Duty When a Data Breach Occurs within the Law Firm: Cybersecurity Best Practices

Weekly podcast: NHS upgrade, $242m Equifax loss and prison hacker jailed

What IG Professionals Should Know About the Internet of Bodies

HHS Announces HIPAA Settlement with UMass

First Ever Multi-State Data Breach Lawsuit Targets Healthcare Provider: Cybersecurity Trends

Fund Managers Targeted in Sophisticated Cyberattacks

Fund Managers Targeted in Sophisticated Cyberattacks

Five Steps to HIPAA Security Compliance

OCR Enters into Record Settlement with Anthem

OPC reconsiders its approach to cross-border data transfers with the Equifax decision

Five Steps to HIPAA Security Compliance

Five Steps to HIPAA Security Compliance

German court: monitoring of employees by key logger is not allowed

Florida Amends Breach Notification Law to Cover Health Data, Tighten Notice Deadline and Require State Regulator Notification

Me on the Equifax Breach

To get the most from blockchain in government, a sharing mindset is needed

Chronicle of a Records Manager: Controlling the Chaos of Disaster Response and Recovery

German DPAs Address a Wide Range of Topics at Annual Conference and Adopt Resolutions

The Week in Cyber Security and Data Privacy: 26 February – 3 March 2024

2019 end-of-year review part 1: January to June

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

Happy 13th Birthday, KrebsOnSecurity!

The Week in Cyber Security and Data Privacy: 22 – 28 January 2024

2017 eDiscovery Case Law Year in Review, Part 3

The debate on the Data Protection Bill in the House of Lords

The Hacker Mind Podcast: Hacking High-Tech Cars

Multi-Factor Authentication Best Practices & Solutions

Best Digital Forensics Tools & Software for 2021

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

Stay Connected