Data Protection Report

JUNE 2, 2021

million settlement with two related insurance companies, relating to violations of two different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2019. This matter began when insurance affiliate #1, licensed by NYDFS, discovered a phishing email in September of 2018. NYDFS Cybersecurity Regulation.

Cybersecurity 71

Cybersecurity Insurance Financial Services Phishing 71

Data Matters

JUNE 24, 2021

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information.

Cybersecurity 68

Cybersecurity Financial Services Risk Compliance 68

Data Matters

JANUARY 2, 2018

This past year was marked by ever more significant data breaches, growing cybersecurity regulatory requirements at the state and federal levels and continued challenges in harmonizing international privacy and cybersecurity regulations. As we begin this New Year, here is list of the top 10 privacy and cybersecurity issues for 2018: EU GDPR.

Cybersecurity 68

Cybersecurity Privacy Data breaches GDPR 68

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

Security Affairs

SEPTEMBER 10, 2020

At the time of the attack, the ransomware operators published images of the data they claim to have stolen before encrypting the systems at the company. The news was also confirmed by the experts at the data breach notification service Under the Breach.

Ransomware 65

Ransomware Data breaches Insurance Encryption 65

Hunton Privacy

JUNE 6, 2019

On May 24, 2019, Oregon Governor Kate Brown signed Senate Bill 684 (the “Bill”) into law. The Bill extends those obligations to “vendors,” meaning any person with which a previously covered entity contracts to maintain, store, process or otherwise access personal information.

Data breaches 48

Data breaches Insurance Authentication Compliance 48

Security Affairs

JANUARY 7, 2020

Minnesota-based Alomere Health discloses a data leak that exposed personal and medical information of 49,351 patients. Personal and medical information of 49,351 patients of Minnesota-based Alomere Health might have been exposed following the compromise of two employees’ email accounts.

Insurance 59

Insurance Access Security IT 59

Security Affairs

JUNE 26, 2019

A few days ago, Riviera Beach City agreed to pay $600,000 in ransom , now less than a week later, another city in Florida opted to do the same to recover its data after a ransomware attack. Lake City is a small city in Florida with a population of 65,000 that was hit by ransomware earlier on June 10.

Ransomware 90

Ransomware Insurance Government IT 90

KnowBe4

MARCH 14, 2023

CyberheistNews Vol 13 #11 | March 14th, 2023 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears Robert Lemos at DARKReading just reported on a worrying trend. In a recent report, data security service Cyberhaven detected and blocked requests to input data into ChatGPT from 4.2%

Phishing 87

Phishing Security Artificial Intelligence Security awareness 87

IT Governance

FEBRUARY 21, 2019

This week, we discuss a security flaw affecting 1Password, Dashlane, KeePass and LastPass; the prevalence of historic vulnerabilities in corporate IT systems; the increase in formjacking attacks; and Wendy’s $50 million data breach settlement. Hello, and welcome to the IT Governance podcast for Thursday, 21 February 2019.

Passwords 76

Passwords Data breaches Retail Government 76

Security Affairs

OCTOBER 13, 2019

The hospital chain hasn’t revealed the amount it has paid to the crooks to decrypt the data, it seems that an insurance covered the cost. The operations at the hospitals were severely impacted for 10 days during which the hospitals kept treating people, but new patients were sent to other hospitals in Birmingham or Mississippi.

Ransomware 77

Ransomware Insurance Paper Government 77

Security Affairs

AUGUST 8, 2021

All material from 2018-2019. Figure 5 – Screenshot from Group-IB Threat Intelligence & Attribution system Nevertheless, according to Group-IB’s findings, despite the post author’s claim that the cards were compromised from 2018-2019, 97% of the records in the database are still valid. Valid at 3%.

Marketing 128

Marketing Sales IT Insurance 128

Data Matters

FEBRUARY 10, 2022

Chair Gensler also stressed the importance of proper disclosure regimes for non-public-company service providers — including, for example, cloud companies, investor reporting systems and providers, and data analytics. Best Practices for Public Companies. The SEC may consider several revisions to this regulation.

Cybersecurity 88

Cybersecurity Marketing Risk Compliance 88

HL Chronicle of Data Protection

OCTOBER 21, 2019

Regulators, industry experts, and researchers provided insight into health privacy and security enforcement trends, emerging threats, and new tools at a recent conference focused on the Health Insurance Portability and Accountability (HIPAA) regulatory framework. New guidance and frameworks for health data not regulated by HIPAA.

Risk 40

Risk Compliance Privacy Phishing 40

Security Affairs

NOVEMBER 29, 2019

Group-IB, has analyzed key recent changes to the global cyberthreat landscape in the “Hi-Tech Crime Trends 2019/2020” report. According to Group-IB’s experts, the most frustrating trend of 2019 was the use of cyberweapons in military operations. As for 2019, it has become the year of covert military operations in cyberspace.

IT 84

IT Military Cybersecurity Phishing 84

eSecurity Planet

JANUARY 11, 2022

Information security products , services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. With evolving attack methodologies due to machine learning, quantum computing, and sophisticated nation-state hackers, security startups are receiving record funding.

Cybersecurity 142

Cybersecurity Cloud Compliance Analytics 142