Data breaches, Document, Financial Services and Insurance

Toyota Financial Services discloses a data breach

Security Affairs

DECEMBER 11, 2023

Toyota Financial Services (TFS) disclosed a data breach, threat actors had access to sensitive personal and financial data. Toyota Financial Services (TFS) is warning customers it has suffered a data breach that exposed sensitive personal and financial data.

Financial Services

Financial Services Data breaches Ransomware Insurance

Medusa ransomware gang claims the hack of Toyota Financial Services

Security Affairs

NOVEMBER 17, 2023

Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company. Toyota Financial Services confirmed the discovery of unauthorized activity on systems in a limited number of its locations. The company has yet to disclose a data breach.

Financial Services

Financial Services Ransomware Data breaches Insurance

NY Investigates Exposure of 885 Million Mortgage Documents

Krebs on Security

MAY 31, 2019

On May 24, KrebsOnSecurity broke the news that First American had just fixed a weakness in its Web site that exposed approximately 885 million documents — many of them with Social Security and bank account numbers — going back at least 16 years. No authentication was needed to access the digitized records. ”

Financial Services

Financial Services Insurance Sales Authentication

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

American Insurance firm State Farm victim of credential stuffing attacks

Security Affairs

AUGUST 7, 2019

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July.

Insurance

Insurance Data breaches Financial Services Passwords

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

NY Charges First American Financial for Massive Data Leak

Krebs on Security

JULY 23, 2020

In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. based First American [ NYSE:FAF ] is a leading provider of title insurance and settlement services to the real estate and mortgage industries. It employs some 18,000 people and brought in $6.2

Insurance

Insurance Financial Services Mining Access

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance

Insurance Cybersecurity Data breaches Financial Services

Maze ransomware gang discloses data from drug testing firm HMR

Security Affairs

APRIL 8, 2020

The drug testing firm Hammersmith Medicines Research LTD (HMR), which performs live trials of Coronavirus vaccines, discloses a data breach. ” reads the data breach notification published by the company. The research firm revealed that many of the government IDs exposed in the data breach have since expired.

Ransomware

Ransomware Data breaches Encryption Financial Services

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

GDPR, the EU’s flagship data privacy and “right to be forgotten” regulation, has made the stakes of a data breach higher than ever. Healthcare Data Privacy Laws. Health data and patient data in the U.S. In the U.S., for example, all 50 states (along with the District of Columbia, Puerto Rico, the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

JANUARY 30, 2019

Late last year, Atrium Health disclosed it lost sensitive data for some 2.65 The culprit: lax practices of a third-party data and analytics contractor. Related: Atrium Health breach highlights third-party risks. There is impetus for change – beyond the fear of sustaining a major data breach.

Risk

Risk Financial Services Insurance Cybersecurity

NYDFS settles cybersecurity regulation matter for $3 million

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. A threat actor gained access to an employee’s document management system account. NYDFS Cybersecurity Regulation. The second incident occurred in March of 2019.

Cybersecurity

Cybersecurity Financial Services Phishing Compliance

Multinational ICICI Bank leaks passports and credit card numbers

Security Affairs

APRIL 20, 2023

ICICI Bank leaked millions of records with sensitive data, including financial information and personal documents of the bank’s clients. A misconfiguration of the bank systems exposed millions of records with sensitive data. Cybernews contacted ICICI Bank and CERT-IN, and the company fixed the issue.

Personal data

Personal data Phishing Risk Financial Services

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

Data Matters

APRIL 20, 2021

This development indicates that sponsors and fiduciaries may soon be subject to focused scrutiny over their cybersecurity practices in DOL investigations and adds to the multiple existing sources of cybersecurity legal risk in the wake of data breaches or insufficient cybersecurity controls.

Cybersecurity

Cybersecurity Insurance Risk Compliance

Medical Records Storage and Physicians’ Responsibilities Upon Closing their Practice

Shoreline Records Management

AUGUST 21, 2023

These facilities also implement redundant systems and data backups to ensure data integrity and availability. HIPAA Compliance In healthcare data management, the Health Insurance Portability and Accountability Act (HIPAA) protects patient privacy and the security of medical records.

Records Management

Records Management Paper Compliance Access

Marriott Breach: More than 500 Million Guest Affected

Adam Levin

NOVEMBER 30, 2018

If you prefer a more laid back approach, sign up for free transaction alerts from financial services institutions and credit card companies, or subscribe to a credit and identity monitoring program, 3. Monitor your accounts. Check your credit report every day, keep track of your credit score, review major accounts daily if possible.

Financial Services

Financial Services Encryption Passwords Communications

Expect More Spam Calls and SIM-Card Scams: 400 Million Phone Numbers Exposed

Adam Levin

SEPTEMBER 5, 2019

Don’t authenticate yourself to anyone unless you are in control of the interaction, don’t over-share on social media, be a good steward of your passwords, safeguard any documents that can be used to hijack your identity, and freeze your credit. Monitor your accounts.

Mining

Mining Authentication Financial Services Privacy

New York Enacts Stricter Data Cybersecurity Laws

Data Matters

AUGUST 5, 2019

On July 25, 2019, Governor Cuomo signed the two bills into law, one which amended the state’s data breach notification law, and another that created additional obligations for data breaches at credit reporting agencies. The Identity Theft Prevention and Mitigation Services Act. codified at N.Y.

Cybersecurity

Cybersecurity Data breaches Privacy Risk

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

The purpose of this article is to remove the fear and intimidation of domestic and global data protection laws and show how these laws and requirements are consistent with the existing objectives of your records retention schedule and information governance policy. Making the Records Retention Schedule Compliant with Data Protection Laws.

Personal data

Personal data GDPR Privacy Records Management

CIPL and AvePoint Release Global GDPR Readiness Report

Hunton Privacy

NOVEMBER 10, 2016

Telecommunication and technology companies were the most represented respondents, followed by insurance and financial services companies, as well as pharmaceutical and healthcare companies. The survey respondents were a mix of both data controllers and data processors, with 57 percent controllers and 43 percent processors.

GDPR

GDPR Data Privacy Compliance Privacy

Top GRC Tools & Software for 2021

eSecurity Planet

JANUARY 21, 2021

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. LogicManager’s GRC solution has specific use cases across financial services, education, government, healthcare, retail, and technology industries, among others.

Compliance

Compliance Risk Government Retail

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. LogicManager’s GRC solution has specific use cases across financial services, education, government, healthcare, retail, and technology industries, among others.

Compliance

Compliance Risk Government Retail

50 Ways to Avoid Getting Scammed on Black Friday

Adam Levin

NOVEMBER 17, 2020

Never use duplicate usernames or passwords across any of your online accounts to limit your exposure in case of a data breach. Shred financial documents. A strong password contains a random collection of uppercase and lowercase letters, numbers and symbols or a series of disassociated words, numbers and characters.

Retail

Retail e-Delivery Passwords Phishing

Cybersecurity: Managing Risks With Third Party Companies

Cyber Info Veritas

JULY 19, 2018

Did you know that 63% of all data breaches are directly or indirectly linked to third party companies? This article will focus on some strategies that organizations should consider implementing in order to mitigate their cybersecurity risk as far as third-party service providers are concerned.

Risk

Risk Cybersecurity Compliance Data breaches

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

IT Governance

DECEMBER 11, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: more than 59 million data records. BianLian claims to have exfiltrated 5 TB of data, comprising millions of sensitive documents.

Data Privacy

Data Privacy Energy and Utilities Privacy Manufacturing

The Week in Cyber Security and Data Privacy: 8 – 14 January 2024

IT Governance

JANUARY 16, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data is no longer publicly available. Data breached: >223,000,000 records. Data breached: >7,000,000 records. Data breached: 5,500,000 records.

Data Privacy

Data Privacy Privacy Manufacturing Retail

The Hacker Mind Podcast: Going Passwordless

ForAllSecure

JANUARY 19, 2022

You might not think of it as a major aspect of security and yet, stolen credentials are really the key to data breaches today. In most cases, this regards the European Union’s General Data Protection Regulation or GDPR, and in the UK that law continues as the UK GDPR. So today, we'll go for the low hanging fruit.

Passwords

Passwords Authentication Access Data breaches

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

APRIL 23, 2018

Board-management discussions about cyber risk should include identification of which risks to avoid, which to accept, and which to mitigate or transfer through insurance, as well as specific plans associated with each approach. Indeed, given that U.S.

Cybersecurity

Cybersecurity Risk Passwords Authentication

President Trump Signs Financial Services Regulatory Reform Legislation

Data Matters

JUNE 5, 2018

The definition of “banking entity” now excludes insured depository institutions (and their parent companies and affiliates) if (i) the institution has less than $10 billion in total consolidated assets and (ii) the institution’s trading assets and liabilities are less than 5 percent of its total consolidated assets.

Financial Services

Financial Services Insurance Privacy Authentication

Data Governance Tools: What Are They? Are They Optional?

erwin

NOVEMBER 14, 2019

In recent years, hard mandates for data governance also have increased. In the United States, the Health Insurance Portability and Accountability Act (HIPAA) requires organizations in the healthcare space to protect the privacy and security of certain health information. Data Governance Tools and Data Ethics.

Government

Government Data breaches Metadata GDPR

Data Governance Tools: What Are They? Are They Optional?

erwin

NOVEMBER 14, 2019

In recent years, hard mandates for data governance also have increased. In the United States, the Health Insurance Portability and Accountability Act (HIPAA) requires organizations in the healthcare space to protect the privacy and security of certain health information. Data Governance Tools and Data Ethics.

Government

Government Data breaches Metadata GDPR

Information Management Today

Toyota Financial Services discloses a data breach

Medusa ransomware gang claims the hack of Toyota Financial Services

Webinars

Trending Sources

NY Investigates Exposure of 885 Million Mortgage Documents

Webinars

American Insurance firm State Farm victim of credential stuffing attacks

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

NY Charges First American Financial for Massive Data Leak

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

Maze ransomware gang discloses data from drug testing firm HMR

Security Compliance & Data Privacy Regulations

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

NYDFS settles cybersecurity regulation matter for $3 million

Multinational ICICI Bank leaks passports and credit card numbers

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

Medical Records Storage and Physicians’ Responsibilities Upon Closing their Practice

Marriott Breach: More than 500 Million Guest Affected

Expect More Spam Calls and SIM-Card Scams: 400 Million Phone Numbers Exposed

New York Enacts Stricter Data Cybersecurity Laws

The Impact of Data Protection Laws on Your Records Retention Schedule

CIPL and AvePoint Release Global GDPR Readiness Report

Top GRC Tools & Software for 2021

Top 10 Governance, Risk and Compliance (GRC) Vendors

50 Ways to Avoid Getting Scammed on Black Friday

Cybersecurity: Managing Risks With Third Party Companies

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

The Week in Cyber Security and Data Privacy: 8 – 14 January 2024

The Hacker Mind Podcast: Going Passwordless

An Approach to Cybersecurity Risk Oversight for Corporate Directors

President Trump Signs Financial Services Regulatory Reform Legislation

Data Governance Tools: What Are They? Are They Optional?

Data Governance Tools: What Are They? Are They Optional?

Stay Connected