Insurance Occurrence Assurance?

Andrew Hay

Though the breaches are concerning, the real story is that the financial institution suing its insurance provider for refusing to fully cover the losses. From the article: In its lawsuit (PDF), National Bank says it had an insurance policy with Everest National Insurance Company for two types of coverage or “riders” to protect it against cybercrime losses. This, unfortunately, is the nature of insurance.

Maryland Court Finds Coverage for Lost Data and Slow Computers After Ransomware Attack

Hunton Privacy

As previously posted on our Hunton Insurance Recovery blog , a Maryland federal court awarded summary judgment to policyholder National Ink in National Ink and Stitch, LLC v. State Auto Property and Casualty Insurance Company , finding coverage for a cyber attack under a non-cyber insurance policy after the insured’s server and networked computer system were damaged as a result of a ransomware attack.


Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Harleysville Insurance Co. v. Holding Funeral Home, No. 1:15cv00057 (W.D.Va. Feb. 9, 2017)

eDiscovery Law

Key Insight: Waiver of privilege for documents inadvertently posted to publicly accessible location Nature of Case: insurance coverage litigation Electronic Data Involved: uploads Keywords:, privilege waiver, publicly accessible, account permissions, file sharing Identified State Rule(s): Va.

Court Rules Fraud Involving a Computer Is Not ‘Computer Fraud’ under Crime Protection Policy

Hunton Privacy

18, 2016), that a crime protection insurance policy does not cover loss resulting from a fraudulent email directing funds to be sent electronically to the imposter’s bank account because the scheme did not constitute “computer fraud” under the policy. Apache recouped a portion of the payments from its bank and attempted to recover the balance from its insurer. Cybersecurity Financial Privacy Information Security Email Insurance Provider Litigation

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

Krebs on Security

Now the financial institution is suing its insurance provider for refusing to fully cover the losses. The email allowed the intruders to install malware on the victim’s PC and to compromise a second computer at the bank that had access to the STAR Network , a system run by financial industry giant First Data that the bank uses to handle debit card transactions for customers. Everest National Insurance Company did not respond to requests for comment.

Fund Managers Targeted in Sophisticated Cyberattacks

Data Matters

For remote access to emails, trading systems and other electronic data containing confidential information, the authentication mechanism should utilize at least two of the following factors: what a person knows (e.g., Insurance: The firm should communicate with its insurance company and review policy coverage. Insurance should be specifically evaluated with potential cyberattacks and data breach in mind.

What’s a Lawyer’s Duty When a Data Breach Occurs within the Law Firm: Cybersecurity Best Practices

eDiscovery Daily

Right inside the door, you see a handwritten notice on a big whiteboard which says: All network services are down, DO NOT turn on your computers! Finding this odd, you turn to your firm receptionist who tells you that the firm was hit with a ransomware attack overnight, and that if you turn on your computer all of your files will be immediately encrypted, subject to a bitcoin ransom.”. Electronic Discovery Security

#ModernDataMasters: Henrik Liliendahl, Chairman & CTO, Product Data Lake


I got good grades in mathematics at school but it was an evening class in secondary school that I took in what was then called EDP (Electronic Data Processing) that got me started. We didn’t even have a computer at that school so the whole class was about things drawn on the blackboard. Then one day we had a trip to a larger college that actually had computers and I was hooked! I was educated in computer engineering but my first job was on the business side.

MDM 46

Will Lawyers Ever Embrace Technology?: eDiscovery Best Practices, Part Four

eDiscovery Daily

Craig Ball once made a great point in responding to a post of mine about educating lawyers when he said “ We not only need to persuade lawyers to take the plunge, we need to insure there’s a pool for them to jump into. Do they go to a community night course on computers? Beyond that, I’d also suggest the following books which are worth consulting as well: A Process of Illumination: The Practical Guide To Electronic Discovery , Mary Mack (available on Amazon here ).

No Bad Faith Means No Sanctions for Failing to Preserve Video of Altercation: eDiscovery Case Law

eDiscovery Daily

In assessing the plaintiff’s motion, Judge O’Hara noted that “the parties agreed the surveillance video is a form of electronically stored information (“ESI”) subject to the preservation requirements of Rule 37(e)”. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

2019 eDiscovery Case Law Year in Review, Part 3

eDiscovery Daily

DiGiusti granted the “Children” defendants’ Motion to Compel against non-party City of Oklahoma City Police Department (“OCPD”) to comply with the Children’s subpoena of records related to the murder of their father in a civil case with the insurance company. Case Law Electronic Discovery

Court Rules Non-Party Subpoenaed ESI Not Subject to 100-Mile Boundary: eDiscovery Case Week

eDiscovery Daily

Cauthron, noting that the non-party “subpoena at issue does not require the travel or attendance of any witnesses and Plaintiff is requesting the production of electronic documents” , found that “there is no violation of the 100-mile limitation for electronic documents pertaining to Rule 54” and granted the plaintiff’s Motion to Compel Compliance with Subpoena directed to the non-party. Case Law Electronic Discovery Evidence ProductioneDiscovery Case Week continues!

First Ever Multi-State Data Breach Lawsuit Targets Healthcare Provider: Cybersecurity Trends

eDiscovery Daily

The lawsuit alleges that Fort Wayne-based Medical Informatics Engineering and its subsidiary NoMoreClipboard “failed to take adequate and reasonable measures to ensure their computer systems were protected,” resulting in a 2015 breach that gave hackers access to the personal healthcare information of 3.9 Electronic Discovery Privacy SecurityJust as the number of data breaches continues to rise, the number of lawsuits over data breaches continues to rise as well.

Business ID Theft Soars Amid COVID Closures

Krebs on Security

She shared with me a copy of the lease, which included a fraudulent ID and even a vehicle insurance card for a Land Cruiser we got rid of like 15 years ago.

Standardizing the Non-Standard Digital Forensics Protocol, Sort Of: eDiscovery Best Practices

eDiscovery Daily

In his latest blog post on his Ball in Your Court blog ( Drafting Digital Forensic Examination Protocols , available here on his blog and here on his site in PDF form ), Craig discusses the ins and outs of putting together a forensic examination protocol, equating the drafting of such a protocol to “writing out the questions in advance” when taking the deposition of a computer or smart phone. Collection Electronic Discovery Evidence

Delaware County, Pennsylvania, opted to pay 500K ransom to DoppelPaymer gang

Security Affairs

“Sources said the county is in the process of paying the $500,000 ransom as it’s insured for such attacks.” “The County of Delaware recently discovered a disruption to portions of its computer network.

Chronicle of a Records Manager: Controlling the Chaos of Disaster Response and Recovery

ARMA International

I have overseen two significant projects: an electronic discovery production and disaster response and recovery effort. Covering all computers and file cabinets in plastic sheeting. . The plan was to meet the insurance coordinator at the Howard Avenue office at 8:30 a.m.

2017 eDiscovery Case Law Year in Review, Part 3

eDiscovery Daily

Hornak denied the plaintiff’s Motions to Compel third parties Microsoft, Google and Yahoo to Produce Responsive Documents Pursuant to their Subpoenas, finding that “resolution of this case begins and ends with the Stored Communications Act (‘SCA’), which generally provides that ‘a person or entity providing an electronic communication service to the public shall not knowingly divulge to any person or entity the contents of a communication while in electronic storage by that service.’”.

Largest hospital system in New Jersey was hit by ransomware attack

Security Affairs

Hackensack Meridian Health did not reveal the amount of money it has paid to crooks, according to a statement issued by the hospital it holds insurance coverage for such emergencies.

Information Management in the Not-So-Distant Future of Health Care


The classic example is the insurer that won’t pay for care that a doctor determines a patient needs. Insurers are about profit; doctors are about delivering the best care. With collaborative videoconferencing: Low-income patients without insurance can use the Emergency Room less often.

Best Digital Forensics Tools & Software for 2021

eSecurity Planet

Autopsy is its GUI and a digital forensics platform used widely in public and private computer system investigations to boost TSK’s abilities. image files, and analysis of remote computers.

Do’s and Don’ts of Text Message Discovery

eDiscovery Daily

Corporate servers stored the data, regardless of how the email was sent or received (via mobile device or work computer). Discovery requests of the past had little reason to include text messages as a form of evidence.

List of data breaches and cyber attacks in June 2021 – 9.8 million records breached

IT Governance

We found a comparatively low 9,780,931 breached records from publicly disclosed security incidents in June 2021. But don’t be fooled by that number – it comes from 106 incidents, which is roughly average for the year.

What IG Professionals Should Know About the Internet of Bodies

ARMA International

Another common name for the IoB is embodied computing , where the human body is used as a technology platform. Wearable technology began as any kind of electronic device designed to be worn on the user’s body. Welcome to the Age of the Internet of Bodies.

Podcast Episode 119: EFF on Expanding Researchers Rights and AT&T talks IoT Security Fails

The Security Ledger

In this episode of the podcast, #119: Electronic Frontier Foundation General Counsel Kurt Opsahl joins us to talk about the Coders’ Rights Project. » Related Stories Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats Spotlight Podcast: At 15 Cybersecurity Awareness Month Grows with Cyber Risk Spotlight Podcast: 15 Years Later Is Cybersecurity Awareness Month Working?

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

Data Matters

On December 3, 2018, twelve attorneys general (“AGs”) jointly filed a data breach lawsuit against Medical Informatics Engineering and its subsidiary, NoMoreClipboard LLC (collectively “the Company”), an electronic health records company, in federal district court in Indiana. According to the complaint, over a period of 19 days, hackers were able to infiltrate the Company’s computer systems.

List of data breaches and cyber attacks in December 2020 – 148 million records breached

IT Governance

What else would you expect from the final month of 2020 than the highest number of publicly disclosed incidents we’ve ever recorded? We logged 134 security incidents in December, which accounted for 148,354,955 breached records. That brings the total for 2020 to more than 20 billion.

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

ARMA International

This means imagining the “art of the possible” for a new future using a cloud computer model to deliver transformative change. Archival services imply long-term storage of content such as pension records, life insurance policies, real-estate transactions, magazines, and much more.

Speed up digital transformation and data literacy with Data Intelligence Cloud for healthcare


Electronic Medical Record (EMR) and Electronic Health Record (EHR) systems coupled with a multitude of point solutions that have a “black-box” effect (whereby data is increasingly difficult to extract, migrate, reconcile or standardize to ensure consistency and transparency).

The U.S. Office of the Comptroller of the Currency Seeks Comment on Digital Innovation by Banks

Data Matters

electronic payments, check capture and online banking), the OCC lists some of the new technologies, the implementation of which may be hindered by ambiguous, burdensome or inflexible rules, such as blockchain, artificial intelligence, biometrics, cloud computing and big data/analytics. The U.S.

HHS Announces HIPAA Settlement with UMass

Hunton Privacy

On November 22, 2016, the Department of Health and Human Services (“HHS”) announced a $650,000 settlement with University of Massachusetts Amherst (“UMass”), resulting from alleged violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules. . UMass did not have firewalls in place to guard against unauthorized access to ePHI transmitted over an electronic communications network.

Multi-Factor Authentication Best Practices & Solutions

eSecurity Planet

A token acts as an electronic cryptographic key that unlocks the device or application, usually with an encrypted password or biometric data. Disconnected tokens are generally only good for one use and can be delivered via RFID or Bluetooth, or users can manually enter them into the computer.

Weekly podcast: NHS upgrade, $242m Equifax loss and prison hacker jailed

IT Governance

However, a large part of the loss has been offset by the company’s cyber insurance: Equifax announced that it maintains “$125 million of cybersecurity insurance coverage, above a $7.5 million deductible”, and, since announcing the cyber security incident in September 2017, has “recorded insurance recoveries of $60.0

List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked

IT Governance

The representative did a “visual review” of the buckets, as USPS’s internal policy is not to plug any USB sticks into a computer (not all bad practice, eh?), Social insurance numbers. The law will apply to consumer electronics from 2020. Rather than posting the usual long list of data breaches and cyber attacks, I’ve decided to go down a new route.

List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked

IT Governance

The representative did a “visual review” of the buckets, as USPS’s internal policy is not to plug any USB sticks into a computer (not all bad practice, eh?), Social insurance numbers. The law will apply to consumer electronics from 2020. Rather than posting the usual long list of data breaches and cyber attacks, I’ve decided to go down a new route.

Saudi Arabia’s New Data Protection Law – What you need to know

DLA Piper Privacy Matters

The Middle East’s data protection regulatory landscape is complex, and continues to develop with Saudi Arabia’s ( KSA ) newly published Personal Data Protection Law ( PDPL ).

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

Definition of Personal information and Sensitive Personal information “Personal information” means any kind of information relating to an identified or identifiable natural person, either electronically or otherwise recorded, but excluding information that has been de-identified or anonymised.

OCR Enters into Record Settlement with Anthem

Hunton Privacy

Three years ago, in February 2015, OCR opened a compliance review of Anthem, the nation’s second largest health insurer, following media reports that Anthem had suffered a significant cyberattack. Attackers were able to download malicious files to the employee’s computer and gain access to other Anthem systems that contained individuals’ names, Social Security numbers, medical identification numbers, addresses, dates of birth, email addresses and employment information.

Debut of the Texas State Records Retention Schedule (RRS): 5th Edition – 5/10/2020

The Texas Record

2.1.001 Processing Files These types of records should be classified under Master Files and Application Data (2.1.002) and Computer Software Programs (2.1.007), as applicable. 2.2.004 Computer Job Schedules and Reports This type of record should be classified under Activity Reports (1.1.069).

Who Is Infosource? An Interview With Johann Hoepfner About Printing, Capture, and More

Info Source

I started to understand bigger printers and bigger computers. Infosource back then had just switched from printed reports to electronic and Web-based data delivery. The commercial printing — which is often still paper-based, insurance, bank statements, etc.