IT Governance

MARCH 1, 2023

Welcome to our February 2023 list of data breaches and cyber attacks. Our research identified 106 publicly disclosed incidents accounting for 29,582,356 breached records this month. You can find the full list of data breaches and cyber attacks below.

Data breaches 130

Data breaches Ransomware e-Delivery Government 130

The Last Watchdog

AUGUST 19, 2021

Often inadvertent data breaches stem from a well-meaning employee trying to meet the needs of clients but without the technical systems to facilitate. as well as insurance and merchant accounts, to commit insurance fraud and wire fraud. Joshua Arsenio, Director, Security Compass Advisory.

Data breaches 306

Data breaches Authentication Access Personal data 306

Security Affairs

JANUARY 4, 2022

The Broward Health public health system disclosed a massive data breach that has impacted more than 1.3 The Broward Health public health system has suffered a data breach that impacted 1,357,879 individuals. ” reads the data breach notification letter sent to the impacted individuals.

Data breaches 85

Data breaches Passwords Insurance Access 85

IT Governance

MARCH 1, 2022

Our figures for this month are comparatively low – with 83 data breaches and cyber attacks accounting for 5,127,241 breached records – but there is a sense that we are on the brink of something. Meanwhile, you can find the full list of cyber attacks and data breaches for February 2022 below. Data breaches.

Data breaches 134

Data breaches Ransomware Government Blockchain 134

IT Governance

SEPTEMBER 1, 2022

Meanwhile, the bastion of password security, LastPass, announced that its systems had been breached – although the organisation is confident that customers’ details remain secure. Data breaches. confirms security incident (unknown) Friedrich Air Conditioning, LLC announces security breach (unknown) Gibson Overseas, Inc.

Data breaches 116

Data breaches Ransomware Energy and Utilities Phishing 116

Security Affairs

AUGUST 7, 2019

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July. Pierluigi Paganini.

Insurance 87

Insurance Data breaches Financial Services Passwords 87

Hunton Privacy

OCTOBER 15, 2021

Bruck and the Division of Consumer Affairs announced a settlement with Diamond Institute for Infertility and Menopause, LLC, over a data breach that compromised the personal information of 14,663 patients, including 11,071 New Jersey residents.

Data breaches 103

Data breaches Privacy Insurance Information Security 103

IT Governance

MAY 2, 2023

Welcome to our April 2023 list of data breaches and cyber attacks. Our research identified 120 publicly disclosed incidents during the month, accounting for 4,353,257 breached records. You can find the full list of data breaches and cyber attacks below, along with our rundown of the biggest incidents of the month.

Data breaches 105

Data breaches Ransomware Personal data Access 105

IT Governance

MARCH 2, 2020

Ordinance Survey discovers breach of employee data (1,000). South Carolina-based United Health notifies patients of 2019 data breach (36). Ashley Madison data breach victims still being hounded by sextortion scammers (unknown). Massive MGM data breach might be a smokescreen for more insidious attack (10.6

Data breaches 145

Data breaches Ransomware Phishing Personal data 145

IT Governance

SEPTEMBER 1, 2020

There were a massive 99 data breaches and cyber attacks in August, making it the third-biggest monthly total of the year by number of security incidents. You can find our full list of publicly disclosed data breaches from August in this blog, with incidents affecting UK organisations listed in bold. Data breaches.

Data breaches 122

Data breaches Ransomware Insurance Manufacturing 122

IT Governance

JANUARY 4, 2021

We’ll have a separate post looking at the year’s data breaches and cyber attacks in more detail, but in the meantime, you can find the full list of December’s incidents below. Data breaches. Data breaches. That brings the total for 2020 to more than 20 billion. Cyber attacks. Ransomware.

Data breaches 116

Data breaches Ransomware Energy and Utilities Computer and Electronics 116

Data Matters

FEBRUARY 6, 2019

On December 3, 2018, twelve attorneys general (“AGs”) jointly filed a data breach lawsuit against Medical Informatics Engineering and its subsidiary, NoMoreClipboard LLC (collectively “the Company”), an electronic health records company, in federal district court in Indiana. See Indiana v. Informatics Eng’g, Inc. , 3:18-cv-00969 (N.D.

Data breaches 83

Data breaches Computer and Electronics Security Insurance 83

IT Governance

OCTOBER 17, 2018

Organisations are facing a war on data breaches, so it’s imperative that ‘know your enemy’ becomes part of their battle tactics. Data breaches come in various forms and sizes – not all incidents are caused by sophisticated cyber attacks. Are you prepared for a data breach? Employee negligence/error.

Data breaches 106

Data breaches Ransomware Security awareness Insurance 106

Security Affairs

JANUARY 7, 2024

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers regarding a $1.4 Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Artificial Intelligence 93

Artificial Intelligence Data breaches Security Ransomware 93

Data Matters

MAY 2, 2019

On April 22, 2019, the Washington state legislature passed HB1071 (“the Bill”) to strengthen the state’s existing data breach notification law. Usernames or email addresses in combination with passwords or security questions and answers.

Data breaches 68

Data breaches Privacy Passwords Military 68

Security Affairs

DECEMBER 18, 2019

Lab test provider LifeLabs has disclosed a data breach that exposed personal information for up to 15 million Canadians. LifeLabs notified its customers via letter, exposed data includes names, contact information, health card numbers, and for approximately 85,000 customers their lab test results. . ” said Brown.

Data breaches 59

Data breaches Insurance Passwords Access 59

IT Governance

OCTOBER 30, 2018

Rather than posting the usual long list of data breaches and cyber attacks, I’ve decided to go down a new route. It’s been the usual mix of data breaches this month, with lots of mistakes being made and lots of ransoms being paid. Social insurance numbers. Buckets of thumb drives”. Let’s call that issue number one.

Data breaches 110

Data breaches Computer and Electronics Passwords Insurance 110

IT Governance

OCTOBER 30, 2018

Rather than posting the usual long list of data breaches and cyber attacks, I’ve decided to go down a new route. It’s been the usual mix of data breaches this month, with lots of mistakes being made and lots of ransoms being paid. Social insurance numbers. Buckets of thumb drives”. Let’s call that issue number one.

Data breaches 110

Data breaches Computer and Electronics Passwords Insurance 110

Hunton Privacy

MAY 9, 2019

As reported by Bloomberg Law , on May 7, 2019, Washington State Governor Jay Inslee signed a bill ( HB 1071 ) amending Washington’s data breach notification law. HB 1071 provides that if the breach involves a username or password, an entity may provide notice by email. Method of Notification.

Data breaches 68

Data breaches Passwords Insurance Military 68

IT Governance

JUNE 27, 2019

After a rampant start to the year for data breaches and cyber attacks, it’s about time we went one month without at least one massive security incident. June 2019’s total of 39,713,046 breached records is the lowest since May last year – the month that the GDPR (General Data Protection Regulation) came into effect.

Data breaches 111

Data breaches Personal data Ransomware GDPR 111

IT Governance

FEBRUARY 26, 2019

The shortest month of the year is over in a flash, but not before a significant number of data breaches and cyber attacks could take place. I always suggest subscribing to our Daily Sentinel to receive daily updates on the latest data breaches and cyber attacks. Malware breach strikes Chester County computers.

Data breaches 109

Data breaches Sales Phishing Ransomware 109

Krebs on Security

AUGUST 17, 2023

For example, in 2019 McAfee found that for targets in Japan, the 16Shop kit would also collect Web ID and Card Password, while US victims will be asked for their Social Security Number.

Phishing 198

Phishing Passwords Insurance Sales 198

Hunton Privacy

JULY 1, 2022

Since Carnival was licensed by the Department to sell insurance in NY State, it was treated as a covered entity under the Cybersecurity Regulation. NYDFS also found that Carnival had failed to implement basic protocols to prevent data breaches.

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

IT Governance

FEBRUARY 21, 2019

This week, we discuss a security flaw affecting 1Password, Dashlane, KeePass and LastPass; the prevalence of historic vulnerabilities in corporate IT systems; the increase in formjacking attacks; and Wendy’s $50 million data breach settlement. Each password manager also attempted to scrub secrets from memory.

Passwords 77

Passwords Data breaches Retail Government 77

Security Affairs

NOVEMBER 17, 2023

The company has yet to disclose a data breach. TFS offers various financial products, including auto loans, leases, and insurance solutions. Medusa Toyota has set the deadline for November 26 and has published a sample of the stolen data as proof of the hack.

Financial Services 123

Financial Services Ransomware Data breaches Insurance 123

IT Governance

MAY 29, 2018

Remember when I said last month that “with the GDPR less than a month away I imagine future lists will be even longer thanks to the introduction of mandatory data breach notifications”? Data breach. Privacy Commissioner says Avenue Living privacy breach poses a risk. HIT Hacked Again? Hacker Steals $1.35

Data breaches 89

Data breaches GDPR Ransomware Passwords 89

IT Governance

JUNE 15, 2022

IT Governance identified more than 1,200 publicly disclosed data breaches in 2021 , while another report found that security incidents cost almost £3 million on average. This is a security mechanism that requires people to enter a second piece of information in addition to a password in order to log on. Weak passwords.

Risk 144

Risk Security Passwords Phishing 144

Hunton Privacy

AUGUST 21, 2017

As reported in BNA Privacy Law Watch , on August 17, 2017, Delaware amended its data breach notification law, effective April 14, 2018. Companies will be required to notify affected individuals of a data breach within 60 days. Notice to the Attorney General. Harm Threshold.

Data breaches 53

Data breaches Passwords Insurance Access 53

Data Protection Report

AUGUST 29, 2017

Earlier this month, Delaware revamped its data breach notification law, with changes to go into effect April 14, 2018. Most notably, the new law requires any entity that has suffered a data breach that includes social security numbers to provide free credit monitoring services to affected residents for one year.

Data breaches 40

Data breaches Insurance Encryption Passwords 40

Hunton Privacy

JUNE 22, 2020

On July 1, 2020, amendments to Vermont’s data breach notification law, signed into law earlier this year, will take effect along with Vermont’s new student privacy law. Security Breach Notice Act.

Data breaches 107

Data breaches Privacy Education Data Privacy 107

Hunton Privacy

APRIL 3, 2018

to enact a data breach notification law. The Alabama Data Breach Notification Act of 2018 (S.B. Key Provisions of the Alabama Data Breach Notification Act of 2018: The law applies to “covered entities” and their “third-party agents.” On March 28, 2018, Alabama became the final state in the U.S.

Data breaches 72

Data breaches Encryption Insurance Risk 72

Krebs on Security

JULY 4, 2020

A reader who was recently the victim of unemployment insurance fraud said he was told he should create an account at the Department of Homeland Security ‘s myE-Verify website , and place a lock on his Social Security number (SSN) to minimize the chances that ID thieves might abuse his identity for employment fraud in the future.

Passwords 294

Passwords Authentication Insurance Mining 294

Krebs on Security

NOVEMBER 3, 2022

” But for all the good it brought, the healthcare records management system that Vastaamo used relied on little more than a MySQL database that was left dangerously exposed to the web for 16 months, guarded by nothing more than an administrator account with a blank password. ” .

Data breaches 202

Data breaches Records Management Insurance Archiving 202

Krebs on Security

FEBRUARY 19, 2020

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. How would your organization hold up to a password spraying attack?

Passwords 359

Passwords Access Insurance Government 359

IT Governance

FEBRUARY 16, 2023

In a security notice filed with Montana’s Attorney General office, Pepsi explained that the breach started on 23 December 2022. That Pepsi was able to rectify the situation comparatively quickly is, to some extent, commendable – particularly given that the breach occurred on the last business day before Christmas. What went wrong?

Data breaches 106

Data breaches Insurance Manufacturing Access 106

Hunton Privacy

JUNE 14, 2018

Recently, Colorado’s governor signed into law House Bill 18-1128 “concerning strengthening protections for consumer data privacy” (the “Bill”), which takes effect September 1, 2018.

Data breaches 65

Data breaches Security Passwords Military 65

Hunton Privacy

MAY 24, 2018

On April 11, 2018, Arizona amended its data breach notification law (the “amended law”). The amended law also defines “personal information” to include “an individual’s user name or e-mail address, in combination with a password or security question and answer, which allows access to an online account.”. Harm Threshold.

Data breaches 53

Data breaches Passwords Authentication Insurance 53