Data Matters

AUGUST 5, 2019

On July 25, 2019, Governor Cuomo signed the two bills into law, one which amended the state’s data breach notification law, and another that created additional obligations for data breaches at credit reporting agencies. The Identity Theft Prevention and Mitigation Services Act. codified at N.Y.

Cybersecurity 68

Cybersecurity Data breaches Privacy Risk 68

Data Protection Report

FEBRUARY 8, 2022

According to the settlement agreement, the AG concluded that EyeMed’s security practices did not meet the requirements of the SHIELD Act with respect to four requirements: authentication, password management, logging and monitoring, and data retention in the email account. SHIELD Act.

Passwords 98

Passwords Financial Services Authentication Insurance 98

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk 147

Risk Financial Services Insurance Cybersecurity 147

Krebs on Security

JANUARY 25, 2022

Although he didn’t technically have an account with MSF, their authentication system is based on email addresses, so Jim requested that a password reset link be sent to his email address. Then in mid-January, Jim heard from MSF via snail mail that they’d discovered a data breach.

Financial Services 219

Financial Services IT Data breaches Authentication 219

Security Affairs

JUNE 11, 2021

These included logins for social media, online games, online marketplaces, job-search sites, consumer electronics, financial services, email services, and more. Most of the stolen files (50%+) were text files, some of them containing software logs, passwords, personal notes, and other sensitive information.

Computer and Electronics 111

Computer and Electronics Archiving Encryption Passwords 111

Rocket Software

AUGUST 17, 2020

For some sectors, like finance, security and data protection are top of mind for everything that is done. Financial services organizations typically experience the most data breaches and hacks, which makes security a priority. Patient data is highly sensitive and confidential. But what about healthcare?

Authentication 52

Authentication Financial Services Passwords Insurance 52

Data Protection Report

OCTOBER 24, 2022

On October 18, 2022, the New York Department of Financial Services announced a settlement with EyeMed, a licensed life, accident, and health insurer, with respect to a security incident that occurred in 2020. 7. Improper certification of compliance with the Cybersecurity Regulation. Over-Retention/Failure to Dispose.

Cybersecurity 52

Cybersecurity Personal data Risk Financial Services 52

Security Affairs

MAY 10, 2022

Once “Frappo” is properly configured, statistical data will be collected and visualized – such as how many victims opened the phishing page, accessed authorization and entered credentials, uptime, and the server status. Detailed analysis of the Phishing-As-A-Service Frappo is available here: [link].

Phishing 72

Phishing Retail Financial Services Data breaches 72

Adam Levin

NOVEMBER 30, 2018

Regis, Westin, Sheraton, W Hotels or anywhere else that operates on Marriot’s Starwood guest reservation database, it’s time to redouble your cybersecurity and privacy efforts, because this compromise is one of biggest we’ve seen—dwarfed only by the Yahoo breach that affected 2 billion users. If you’ve made reservations at the St.

Financial Services 66

Financial Services Encryption Passwords Communications 66

eSecurity Planet

SEPTEMBER 10, 2021

CloudPassage’s 2021 AWS Cloud Security Report found that misconfiguration of cloud platforms (71 percent), exfiltration of sensitive data (59 percent), and insecure APIs (54 percent) are the top cloud security threats facing cybersecurity professionals. Read more: Best Cybersecurity Awareness Training for Employees in 2021.

Cloud 131

Cloud Security Encryption Risk 131

Adam Levin

NOVEMBER 17, 2020

Make sure your smartphone, tablet and laptop are password-protected, particularly if you’re in the habit of carrying them around wherever you go. Create long and strong passwords. Never use duplicate usernames or passwords across any of your online accounts to limit your exposure in case of a data breach.

Retail 97

Retail e-Delivery Passwords Phishing 97

Data Protection Report

OCTOBER 1, 2019

Private information” is also separately defined to mean user name or e-mail address in combination with the password or security question and answer—without any need for “personal information.”. Biometric information that is used to authenticate or ascertain the individual identity. 1798.150.

Security 40

Security Financial Services Passwords Risk 40

Krebs on Security

APRIL 11, 2024

Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense , whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard.

Encryption 250

Encryption Passwords Access Financial Services 250

Data Matters

APRIL 23, 2018

Recent guidance from the Securities and Exchange Commission (SEC) on disclosure and enforcement actions by the Federal Trade Commission (FTC) make clear that cybersecurity is no longer a niche topic, but a concern significant enough to warrant the oversight of corporate boards of directors. Adopting the NIST Cybersecurity Framework.

Cybersecurity 60

Cybersecurity Risk Passwords Authentication 60

The Last Watchdog

MAY 24, 2021

Related: DHS launches 60-day cybersecurity sprints. billion hitting financial services organizations — an increase of more than 45 percent year-over-year in that sector. billion web app attacks last year, with more than 736 million targeting financial services. A: You’re right. It is astronomical.

Financial Services 178

Financial Services Passwords Data breaches Authentication 178

IT Governance

MARCH 11, 2024

66,702,148 known records breached in 103 newly disclosed incidents Welcome to this week’s global round-up of the biggest and most interesting news stories. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: 6.9

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

IT Governance

JANUARY 16, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data is no longer publicly available. Data breached: >223,000,000 records. GB database includes names, email addresses, phone numbers and passwords.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

The Last Watchdog

OCTOBER 29, 2019

If you ask the builders of these SPAs, they will tell you that the scale and simplicity of retrieving lots of data with GraphQL is superior to a standard RESTful API. And that brings us to cybersecurity. APIs are the conduits for moving data to-and-fro in our digitally transformed world. Regulatory compliance is adding pressure.

Digital transformation 140

Digital transformation Data breaches Cloud Mining 140

The Last Watchdog

FEBRUARY 25, 2019

Added pressure came from having to also meet stringent new data security rules that took shape in the form of Europe’s General Data Protection Regulation, New York state’s Cybersecurity Requirements for Financial Services Companies and California’s Consumer Privacy Act.

Access 169

Access Government Authentication Data breaches 169

Data Matters

MAY 17, 2022

It used to be that data breaches were all about cyber-crooks hacking computer systems to steal personal information, followed by an affected company sending regretful notification letters offering a year or two of complimentary credit monitoring. Statement by President Biden on our Nation’s Cybersecurity (March 21, 2022).

Cybersecurity 97

Cybersecurity Government Authentication Ransomware 97

eSecurity Planet

JANUARY 11, 2022

Information security products , services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. Investors recognize the potential too, as funding for cybersecurity ventures more than doubled from previous years to almost $22 billion in 2021. Series B SECURITI.ai

Cybersecurity 142

Cybersecurity Cloud Compliance Analytics 142

Security Affairs

NOVEMBER 19, 2023

Israeli man sentenced to 80 months in prison for providing hacker-for-hire services Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine The board of directors of OpenAI fired Sam Altman Medusa ransomware gang claims the hack of Toyota Financial Services CISA adds Sophos Web Appliance bug to its Known Exploited Vulnerabilities catalog (..)

Security 94

Security Data breaches Ransomware Financial Services 94

Security Affairs

DECEMBER 10, 2023

billion personal records compromised by data breaches in past two years — underscoring need for end‑to‑end encryption Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Security 87

Security Ransomware Data breaches Phishing 87