Data breaches, Definition, Government and Insurance

Connecticut Tightens its Data Breach Notification Laws

Data Protection Report

OCTOBER 3, 2021

Effective October 1, 2021, an amendment [1] to the Connecticut General Statute concerning data privacy breaches, Section 36a-701b, will impact notification obligations in several significant ways. Expanded Definition of “Personal Information”.

Data breaches

Data breaches IT Insurance Passwords

What Is Integrated Risk Management? Definition & Implementation

eSecurity Planet

APRIL 29, 2024

Integrated risk management (IRM): Evaluates daily risk impacts through the lens of specific technologies and less from a data, business objective, or strategy perspective. Governance, risk, and compliance (GRC): Tracks data risks in a daily regulatory context with less attention paid to technologies, strategies, and business goals.

Risk

Risk Compliance Communications Insurance

Data Breaches and Cyber Attacks in October 2023 – 867,072,315 Records Breached

IT Governance

NOVEMBER 3, 2023

IT Governance’s research has discovered the following for October 2023: 114 publicly disclosed security incidents. 867,072,315 records known to be breached. You’ll also be able to download each month’s data (and our sources) from the same page as the corresponding Dashboard.

Data breaches

Data breaches Insurance Ransomware Education

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

eSecurity Planet

MAY 27, 2021

The explosion of ransomware and similar cyber incidents along with rising associated costs is convincing a growing number of insurance companies to raise the premiums on their cyber insurance policies or reduce coverage, moves that could further squeeze organizations under siege from hackers. Insurers Assessing Risks.

Insurance

Insurance Ransomware Risk Data science

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Data Matters

JANUARY 14, 2019

On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. The Act is designed to “establish standards for data security and for the investigation and notification to the Superintendent of Insurance of a cybersecurity event.”.

Insurance

Insurance Security Cybersecurity Data breaches

Morrisons heads to the Supreme Court over data breach

IT Governance

APRIL 23, 2019

The Supreme Court has given Morrisons permission to appeal a ruling that found the supermarket liable for a data breach caused by a malicious insider. The information comprised names, addresses, gender, dates of birth, phone numbers, National Insurance numbers, bank details and salaries.

Data breaches

Data breaches Insurance GDPR Compliance

Vermont’s Amendments to Data Breach Law and New Student Privacy Law Effective July 1, 2020

Hunton Privacy

JUNE 22, 2020

On July 1, 2020, amendments to Vermont’s data breach notification law, signed into law earlier this year, will take effect along with Vermont’s new student privacy law. Security Breach Notice Act.

Data breaches

Data breaches Privacy Education Data Privacy

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

IT Governance

MAY 7, 2024

Plus, a further 3,029,461 known records newly breached Welcome to this week’s global round-up of the biggest and most interesting news stories. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: 395 GB.

Data breaches

Data breaches Education Manufacturing Retail

Alabama Becomes Final State to Enact Data Breach Notification Law

Hunton Privacy

APRIL 3, 2018

to enact a data breach notification law. The Alabama Data Breach Notification Act of 2018 (S.B. Key Provisions of the Alabama Data Breach Notification Act of 2018: The law applies to “covered entities” and their “third-party agents.” On March 28, 2018, Alabama became the final state in the U.S.

Data breaches

Data breaches Encryption Insurance Risk

Arizona Amends Data Breach Notification Law

Hunton Privacy

MAY 24, 2018

On April 11, 2018, Arizona amended its data breach notification law (the “amended law”). The amended law also broadens the definition of personal information and requires regulatory notice and notice to the consumer reporting agencies (“CRAs”) under certain circumstances.

Data breaches

Data breaches Authentication Passwords Insurance

Colorado Amends Data Breach Notification Law and Enacts Data Security Requirements

Hunton Privacy

JUNE 14, 2018

Attorney General Notification: If an entity must notify Colorado residents of a data breach, and reasonably believes that the breach has affected 500 or more residents, it must also provide notice to the Colorado Attorney General.

Data breaches

Data breaches Security Passwords Military

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

IT Governance

JANUARY 9, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Publicly disclosed data breaches and cyber attacks: in the spotlight Hathaway breached, 41.5 Data breached: 41,500,000 records. They accessed 41.5

Data Privacy

Data Privacy Privacy Manufacturing Data breaches

New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Effective October 2021

Hunton Privacy

AUGUST 2, 2021

In passing the law, Connecticut joins a number of other states in expanding the definition of “personal information” in its data breach notification statute. requiring “preliminary substitute notice” to individuals if a business cannot provide direct notification within the 60-day notification timeframe.

Cybersecurity

Cybersecurity Insurance Military Data Privacy

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

GDPR, the EU’s flagship data privacy and “right to be forgotten” regulation, has made the stakes of a data breach higher than ever. See the Top Governance, Risk and Compliance (GRC) Tools. Healthcare Data Privacy Laws. Health data and patient data in the U.S. PIPL Raises the Bar – And the Stakes.

Data Privacy

Data Privacy Compliance Privacy Security

US: Surviving the service provider data breach

DLA Piper Privacy Matters

JULY 30, 2019

It’s summer, and life’s a breach. A data breach, that is. It’s your service provider’s breach, but it involves your (more likely, your customer’s) data. So put down the beach reading, for some breach reading. Who “owns” a data breach?

Data breaches

Data breaches Cybersecurity Financial Services Risk

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

IT Governance

FEBRUARY 14, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Financial information, medical data, health reimbursements, postal addresses, telephone numbers and emails are not thought to have been compromised.

Data Privacy

Data Privacy Manufacturing Privacy Security

The Week in Cyber Security and Data Privacy: 20 – 26 November 2023

IT Governance

NOVEMBER 28, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. We’ve also included more details on the top 3 biggest breaches of the week. Breached records: about 9 million. Only 3 definitely haven’t had data breached.

Data Privacy

Data Privacy Privacy Energy and Utilities Data breaches

What Is Encryption? Definition, How it Works, & Examples

eSecurity Planet

DECEMBER 7, 2023

Compliance Many compliance standards require some form of encryption for data at rest and many also specify requirements for the transmission of data. For example, The Health Insurance Portability and Accountability Act (HIPAA) requires security features such as encryption to protect patients’ health information.

Encryption

Encryption IT Passwords IoT

UAE: Federal level data protection law enacted

DLA Piper Privacy Matters

DECEMBER 3, 2021

There are also new requirements around transfers of data outside of the UAE and requirements to keep data secure, and to notify the new data protection regulator, and in some circumstances data subjects, of data breaches. Definitions. Data breaches. Exceptions. 44) of 2021.

Personal data

Personal data Data breaches GDPR Compliance

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

The purpose of this article is to remove the fear and intimidation of domestic and global data protection laws and show how these laws and requirements are consistent with the existing objectives of your records retention schedule and information governance policy. Definition and Purpose of a Records Retention Schedule.

Personal data

Personal data GDPR Privacy Records Management

Clean-Up Bill Advances to Amend the New California Consumer Privacy Act

Data Matters

SEPTEMBER 5, 2018

The CCPA’s original provisions regarding the interaction between the California law and federal laws like the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Gramm-Leach-Bliley Act (GLBA) have caused confusion and consternation. Several of the amendments impact the CCPA’s private right of action for data breaches.

Privacy

Privacy Compliance Data breaches Sales

New York Enacts Stricter Data Cybersecurity Laws

Data Matters

AUGUST 5, 2019

On July 25, 2019, Governor Cuomo signed the two bills into law, one which amended the state’s data breach notification law, and another that created additional obligations for data breaches at credit reporting agencies. The Stop Hacks and Improve Electronic Data Security Act.

Cybersecurity

Cybersecurity Data breaches Privacy Risk

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

OCTOBER 8, 2018

Managing the interaction of these new requirements with existing obligations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), California’s Confidentiality of Medical Information Act (CMIA), and other health privacy laws will continue to be an area of focus in the health privacy community for years to come.

Privacy

Privacy Healthcare Sales Insurance

Two Wyoming Bills Amending the State’s Breach Notification Statute Are Headed to the Governor

Hunton Privacy

FEBRUARY 27, 2015

36) that adds several data elements to the definition of “personal identifying information” in the state’s data breach notification statute. 35) that adds content requirements to the notice that breached entities must send to affected Wyoming residents. On February 23, 2015, the Wyoming Senate approved a bill (S.F.36)

Insurance

Insurance Authentication Passwords Data breaches

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

OCTOBER 8, 2018

Managing the interaction of these new requirements with existing obligations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), California’s Confidentiality of Medical Information Act (CMIA), and other health privacy laws will continue to be an area of focus in the health privacy community for years to come.

Privacy

Privacy Healthcare Sales Insurance

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

OCTOBER 8, 2018

Managing the interaction of these new requirements with existing obligations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), California’s Confidentiality of Medical Information Act (CMIA), and other health privacy laws will continue to be an area of focus in the health privacy community for years to come.

Privacy

Privacy Healthcare Sales Insurance

US: In Washington State’s landmark facial recognition law, public sector practices come under scrutiny and regulation

DLA Piper Privacy Matters

APRIL 23, 2020

The law also includes a first-in-the-nation definition of “decisions that produce legal effects concerning individuals or other similarly significant effects concerning individuals.” Effective date, scope of application, key definitions. It applies to all state and local government agencies except for the department of licensing.

Privacy

Privacy Government Insurance Data breaches

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

It was also the first to enact data breach notification legislation, which all other states have now followed. The definition of personal information under AB 375 is expansive. The citation makes clear that AB 375 intended to refer to HIPAA, the federal Health Insurance Portability and Accountability Act.). Enforcement.

GDPR

GDPR Privacy Sales Data breaches

The Hacker Mind Podcast: The Internet As A Pen Test

ForAllSecure

MAY 17, 2023

Chris Gray of Deep Watch talks about the view from the inside of a virtual SOC, the ability to see threats against a large number of SMB organizations, and the changes to cyber insurance we’re seeing as a result. VAMOSI: Cybersecurity insurance. cyber insurance as a whole was changing heavily. And why is that?

Insurance

Insurance Privacy Ransomware GDPR

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

The CCPA’s definition of “consumer” is equally broad. This definition therefore not only encompasses a “consumer” in the traditional sense (i.e., The business community is already lobbying the California legislature to narrow this definition. The CCPA governs how businesses treat “consumer” “personal information.”

Privacy

Privacy Sales Compliance Cybersecurity

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

It was also the first to enact data breach notification legislation, which all other states have now followed. The definition of personal information under AB 375 is expansive. The citation makes clear that AB 375 intended to refer to HIPAA, the federal Health Insurance Portability and Accountability Act.). Enforcement.

GDPR

GDPR Privacy Sales Data breaches

Saudi Arabia’s New Data Protection Law – What you need to know

DLA Piper Privacy Matters

OCTOBER 7, 2021

However the PDPL itself does not refer to a concept of processing for “legitimate interests” in the same manner as the GDPR, and indeed as other data protection frameworks in the region allow for. Credit data access. What are the steps the organisation will take? Who within your organisation is responsible?

Personal data

Personal data Compliance Computer and Electronics IoT

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Hunton Privacy

OCTOBER 14, 2021

During the week of October 4, 2021, California Governor Gavin Newsom signed into law bills amending the California Privacy Rights Act of 2020 (“CPRA”), California’s data breach notification law and California’s data security law. Genetic Data: California Data Breach Notification and Data Security Law Amendment Bill.

Privacy

Privacy Insurance Security Data breaches

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

The CCPA’s definition of “consumer” is equally broad. This definition therefore not only encompasses a “consumer” in the traditional sense (i.e., The business community is already lobbying the California legislature to narrow this definition. The CCPA governs how businesses treat “consumer” “personal information.”

Privacy

Privacy Sales Education Compliance

Preparing for Ransomware: Are Backups Enough?

eSecurity Planet

SEPTEMBER 10, 2021

For ransomware attacks where network data gets encrypted , backups are the definitive method for restoring network infrastructure. Successful ransomware attacks additionally constitute a data breach that can push organizations into violating their governance, risk, and compliance (GRC) obligations.

Ransomware

Ransomware Encryption Cybersecurity Access

The Week in Cyber Security and Data Privacy: 1 – 7 April 2024

IT Governance

APRIL 9, 2024

67,273,297 known records breached in 130 newly disclosed incidents Welcome to this week’s global round-up of the biggest and most interesting news stories. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks.

Data Privacy

Data Privacy Privacy Security Manufacturing

White House Releases Discussion Draft for a Consumer Privacy Bill of Rights

Hunton Privacy

MARCH 2, 2015

“Personal data” is broadly defined under the Act as “any data … under the control of a covered entity, not otherwise generally available to the public through lawful means, and … linked, or as a practical matter linkable by the covered entity, to a specific individual, or linked to a device that is associated with or routinely used by an individual.”

Privacy

Privacy Personal data Risk Insurance

Alabama Passes Data Breach Notification Law; Breach Laws Now on the Books in All 50 States

Data Matters

MARCH 30, 2018

Alabama has joined the ranks of the other 49 states with breach notification requirements by enacting the Alabama Data Breach Notification Act of 2018 (the “Act”). Notification is triggered by a determination of a breach that poses a risk of harm to impacted individuals. And then there were none.

Data breaches

Data breaches Insurance Encryption Passwords

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

66,702,148 known records breached in 103 newly disclosed incidents Welcome to this week’s global round-up of the biggest and most interesting news stories. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: 6.9

Data Privacy

Data Privacy Privacy Security Data breaches

The Week in Cyber Security and Data Privacy: 26 February – 3 March 2024

IT Governance

MARCH 5, 2024

252,796,762 known records breached in 126 newly disclosed incidents Welcome to this week’s global round-up of the biggest and most interesting news stories. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks.

Data Privacy

Data Privacy Privacy Manufacturing Retail

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

IT Governance

JANUARY 23, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data set is a collection of 1 billion credentials sourced from stealer logs and hosted on the illicit.services website. Data breached: 70,840,771 email addresses.

Data Privacy

Data Privacy Privacy Manufacturing Retail

The Week in Cyber Security and Data Privacy: 27 November – 3 December 2023

IT Governance

DECEMBER 5, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: over 300 million records. Data breached: 35 TB. According to Cybernews , one of the data sets contained 13.3 Data breached: 13.3

Data Privacy

Data Privacy Privacy Manufacturing Retail

The Week in Cyber Security and Data Privacy: 15 – 21 April 2024

IT Governance

APRIL 22, 2024

16,482,365 known records breached in 240 newly disclosed incidents Welcome to this week’s global round-up of the biggest and most interesting news stories. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks.

Data Privacy

Data Privacy Privacy Manufacturing Security

The Weeks in Cyber Security and Data Privacy: 18 – 31 December 2023

IT Governance

JANUARY 3, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. We’ll also soon publish our 2023 review of publicly disclosed incidents and records known to be breached across the year, as well as our quarterly report, so keep an eye on our blog.

Data Privacy

Data Privacy Insurance Manufacturing Retail

Connecticut Tightens its Data Breach Notification Laws

What Is Integrated Risk Management? Definition & Implementation

Webinars

Trending Sources

Data Breaches and Cyber Attacks in October 2023 – 867,072,315 Records Breached

Webinars

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Morrisons heads to the Supreme Court over data breach

Vermont’s Amendments to Data Breach Law and New Student Privacy Law Effective July 1, 2020

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

Alabama Becomes Final State to Enact Data Breach Notification Law

Arizona Amends Data Breach Notification Law

Colorado Amends Data Breach Notification Law and Enacts Data Security Requirements

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Effective October 2021

Security Compliance & Data Privacy Regulations

US: Surviving the service provider data breach

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

The Week in Cyber Security and Data Privacy: 20 – 26 November 2023

What Is Encryption? Definition, How it Works, & Examples

UAE: Federal level data protection law enacted

The Impact of Data Protection Laws on Your Records Retention Schedule

Clean-Up Bill Advances to Amend the New California Consumer Privacy Act

New York Enacts Stricter Data Cybersecurity Laws

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

Two Wyoming Bills Amending the State’s Breach Notification Statute Are Headed to the Governor

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

US: In Washington State’s landmark facial recognition law, public sector practices come under scrutiny and regulation

California Enacts Broad Privacy Laws Modeled on GDPR

The Hacker Mind Podcast: The Internet As A Pen Test

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

California Enacts Broad Privacy Protections Modeled on GDPR

Saudi Arabia’s New Data Protection Law – What you need to know

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Preparing for Ransomware: Are Backups Enough?

The Week in Cyber Security and Data Privacy: 1 – 7 April 2024

White House Releases Discussion Draft for a Consumer Privacy Bill of Rights

Alabama Passes Data Breach Notification Law; Breach Laws Now on the Books in All 50 States

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

The Week in Cyber Security and Data Privacy: 26 February – 3 March 2024

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

The Week in Cyber Security and Data Privacy: 27 November – 3 December 2023

The Week in Cyber Security and Data Privacy: 15 – 21 April 2024

The Weeks in Cyber Security and Data Privacy: 18 – 31 December 2023

Stay Connected