Data Matters

FEBRUARY 11, 2019

On December 28, 2018, Michigan adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law in the form of Michigan H.B. The Act defines licensees as persons authorized, registered, or licensed under Michigan insurance laws or required to be so. 6491 (Act). MCL § 500.550.

Insurance 68

Insurance Security Cybersecurity FOIA 68

Krebs on Security

DECEMBER 8, 2022

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. Alex Holden is founder of Hold Security , a Milwaukee-based cybersecurity firm. “ TA505 “), and a newer ransom group known as Venus.

Ransomware 260

Ransomware Metadata Insurance Encryption 260

Security Affairs

AUGUST 7, 2019

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July.

Insurance 87

Insurance Data breaches Financial Services Passwords 87

Security Affairs

APRIL 30, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 91

Security Ransomware Cybersecurity Authentication 91

Security Affairs

NOVEMBER 17, 2023

” In response to the security incident, the company took the impacted systems offline and launched an investigation with the help of law enforcement. The security incident appears to have been limited to TFS Europe & Africa. TFS offers various financial products, including auto loans, leases, and insurance solutions.

Financial Services 124

Financial Services Ransomware Data breaches Insurance 124

Security Affairs

DECEMBER 11, 2023

TFS offers various financial products, including auto loans, leases, and insurance solutions. Toyota Financial Services warns its German customers to remain vigilant and contact their bank to take additional security precautions. Toyota also notified the data protection officer for North Rhine-Westphalia about the security breach.

Financial Services 114

Financial Services Data breaches Ransomware Insurance 114

Krebs on Security

JANUARY 23, 2019

federal government shutdown is having a tangible, negative impact on cybercrime investigations, according to interviews with federal law enforcement investigators and a report issued this week by a group representing the interests of FBI agents. As a nation, we are much less safe from a cyber security posture than we were a month ago.”

Security 258

Security Government Insurance Cybersecurity 258

eSecurity Planet

MARCH 18, 2022

Many security professionals think that if they have done the hard work of securing their organization, that should be enough. There is, however, a next step: Documenting policies. Written documentation. Written security policies. However, even a handwritten spiral notebook could work for a small organization.

IT 122

IT Compliance Security Access 122

Security Affairs

JANUARY 23, 2024

The Black Basta ransomware group added Southern Water to the list of victims on its Tor data leak site and threatened to leak the stolen data on February 29, 2024. At this time, it is unknown what ransom the group has demanded from the victim. At this time, it is unknown what ransom the group has demanded from the victim.

Encryption 119

Encryption Ransomware Blockchain Insurance 119

Security Affairs

DECEMBER 16, 2023

The threats were sent to a number of former and current Fred Hutch patients — as well as some who have received care from Hutch partner UW Medicine — and claimed the names, Social Security numbers, phone numbers, medical history, lab results and insurance history of more than 800,000 patients had been compromised.”

Ransomware 113

Ransomware Insurance Education Marketing 113

Data Matters

SEPTEMBER 7, 2022

The National Association of Insurance Commissioners (NAIC) held its Summer 2022 National Meeting (Summer Meeting) August 9–13, 2022. The Privacy Working Group has been reviewing state insurance privacy protections regarding the collection, ownership, use, and disclosure of information gathered in connection with insurance transactions.

Insurance 78

Insurance Paper Privacy Risk 78

Krebs on Security

AUGUST 29, 2019

-based PerCSoft is a cloud management provider for Digital Dental Record (DDR), which operates an online data backup service called DDS Safe that archives medical records, charts, insurance documents and other personal information for various dental offices across the United States. ” Read the full ProPublica piece here. .

Ransomware 222

Ransomware Insurance Encryption Cloud 222

Security Affairs

MAY 9, 2019

US DoJ indicted a member of sophisticated China-based hacking group for series of computer intrusions. The group is also responsible for the 2015 Health Insurer Anthem data breach. The group targeted at least four US companies between February 2014 and January 2015, court documents only named Anthem as one of the victims.

Insurance 71

Insurance Data breaches Phishing Privacy 71

Data Matters

SEPTEMBER 20, 2021

The National Association of Insurance Commissioners (NAIC) held its Summer 2021 National Meeting (Summer Meeting) August 14-17, 2021. Highlights include, among others, adoption of revised risk-based capital bond factors for life insurers, amendments to SSAP No. NAIC Adopts Revised Risk-Based Capital Bond Factors for Life Insurers.

Insurance 88

Insurance e-Delivery Paper Sales 88

Krebs on Security

JUNE 1, 2023

Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to malicious software. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware.

Healthcare 237

Healthcare Passwords Sales Ransomware 237

Security Affairs

JANUARY 6, 2019

The Dark Overlord published the first batch of decryption keys for 650 confidential documents related to the 9/11 terrorist attacks. In April 2018, Hiscox acknowledged the data breach and confirmed that the hacked server “may have included information relating to up to 1,500 of Hiscox’s US-based commercial insurance policyholders.”.

Insurance 111

Insurance Data breaches Sales Government 111

Security Affairs

OCTOBER 1, 2023

Experts warn that the recent attack on building automation giant Johnson Controls may have exposed data of the Department of Homeland Security (DHS). The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management. “The

Ransomware 129

Ransomware Insurance Cybersecurity Encryption 129

Security Affairs

AUGUST 28, 2019

Recent campaigns show t hreat actors behind the Dridex and Locky malware families , the TA505 group, have updated tactics and expanded its target list. Trend Micro revealed that the TA505 group that is behind the Dridex and Locky malware families continue to make small changes to its operations. ” continues the report.

e-Delivery 73

e-Delivery Insurance Retail Government 73

Security Affairs

JANUARY 7, 2023

The gang initially leaked samples of the stolen data as proof of the attack, it claimed to have stolen contracts, NDA and other agreements documents, company private info (budgets, plans, evaluations, revenue cycle, investors relations, company structure, etc.), ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon. .”

Ransomware 83

Ransomware Insurance Data breaches Access 83

Krebs on Security

AUGUST 17, 2023

Security experts investigating 16Shop found the service used an application programming interface (API) to manage its users, an innovation that allowed its proprietors to shut off access to customers who failed to pay a monthly fee, or for those attempting to copy or pirate the phishing kit. Image: ZeroFox.

Phishing 189

Phishing Passwords Insurance Sales 189

Security Affairs

FEBRUARY 26, 2023

The attackers compromised one of the company systems and had access to the emails and documents of some employees. Mandiant researchers speculate the attack was conducted by a China-linked APT group. ” The company added that they are not aware of reports of identity theft or fraud in connection with the security breach. .”

IT 90

IT Data breaches Insurance Cybersecurity 90

Data Matters

SEPTEMBER 3, 2020

The National Association of Insurance Commissioners (NAIC) held its Summer 2020 National Meeting (Summer Meeting) from July 27 to August 14, 2020. Annuity Suitability Working Group Drafting FAQ Document to Facilitate Uniformity in State Adoption of Revised Suitability in Annuity Transactions Model Regulation.

Insurance 68

Insurance Paper Artificial Intelligence Big data 68

eSecurity Planet

JANUARY 5, 2024

It aims to prevent unauthorized access, manage data movement, and guard against potential security threats. When creating the firewall policy draft, these elements make up a detailed set of rules and guidelines controlling the use, management, and security configurations of a firewall inside an organization.

Compliance 99

Compliance Access Communications Cybersecurity 99

IT Governance

OCTOBER 31, 2023

Incident details: The Russian hacking group APT28 has been targeting a range of unspecified French organisations for the past two years, according to an ANSSI report. Thousands of drivers have sensitive data exposed to hackers in major IT breach Date of breach: Unclear, but breached documents date back to 2017.

Data Privacy 52

Data Privacy Privacy Data breaches Security 52

IT Governance

JUNE 1, 2023

IT Governance found 98 publicly disclosed security incidents in May 2023, accounting for 98,226,877 breached records. We break down the month’s cyber security landscape for each month, and you can find more information about our list and the biggest security incidents of the month.

Data breaches 98

Data breaches Ransomware Insurance Personal data 98

Hunton Privacy

DECEMBER 1, 2020

Carrefour France and Carrefour Banque are both affiliates of the French retail group, the Carrefour Group. The group has diversified its activities into the banking and insurance, travel agency and e-commerce sectors. As soon as that identity is confirmed, it is no longer necessary to keep a copy of the ID document.

GDPR 91

GDPR Personal data Data collection Marketing 91

Armstrong Archives

DECEMBER 19, 2023

Everything from tax documents to employee files to bank statements must be kept on file, often for years at a time. At Armstrong Archives , we’re proud to stand at the forefront of records management, offering expert guidance in record retention policy and document management, ensuring that our clients stay compliant and efficient.

Compliance 52

Compliance Archiving Digital transformation Sales 52

IT Governance

NOVEMBER 1, 2022

We identified 102 security incidents throughout the month, which is the second largest figure so far this year – trailing only August (112). Meanwhile, be sure to subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox. Cyber attacks.

Data breaches 111

Data breaches Ransomware Insurance Phishing 111

IT Governance

NOVEMBER 20, 2023

a property management company in Kentucky Incident details: The ransomware group Hunters International has added Homeland, Inc. According to databreaches.net , the group exfiltrated tenant information, service management information, financial data, business data, property data, employee data and sensitive business information.

Data Privacy 52

Data Privacy Privacy Data breaches Security 52

IT Governance

JULY 4, 2023

IT Governance found 79 publicly disclosed security incidents in June 2023, accounting for 14,353,113 breached records. We break down the month’s cyber security landscape for each month, and you can find more information about our list and the biggest security incidents of the month.

Data breaches 96

Data breaches Ransomware Government Insurance 96

Everteam

DECEMBER 27, 2022

Jean-Mathieu BONNEFOUS – Orano Group. In this episode, we are pleased to welcome Jean-Mathieu Bonnefou, who talks about the records management policy within the Orano group. Adrian CIOCAN – La MAIF / MAIF Insurance. Pierre-Vincent Bruys – SAFRAN Group. Thierry le Guillou – PSA Stellantis Group.

Records Management 52

Records Management Information governance Archiving Government 52

DLA Piper Privacy Matters

OCTOBER 25, 2022

On 24 October 2022, the ICO issued a penalty notice (MPN) to Interserve Group Limited (Interserve), imposing a fine of £4.4m The ICO found that Interserve had failed to put appropriate technical and organisational measures in place to secure personal data (in contravention of Articles 5(1)(f) and 32 GDPR) for a period of ~20 months.

Security 52

Security GDPR Personal data Insurance 52

Data Matters

SEPTEMBER 4, 2019

The National Association of Insurance Commissioners (NAIC) held its Summer 2019 National Meeting (Summer Meeting) in New York City from August 3 to 6, 2019. The amended regulation took effect on August 1, 2019, for annuity products and will become effective on February 1, 2020, for life insurance products.

Insurance 68

Insurance Paper Risk Analytics 68

Krebs on Security

JULY 27, 2020

based cyber intelligence firm Hold Security has been monitoring the communications between and among a businesses ID theft gang apparently operating in Georgia and Florida but targeting businesses throughout the United States. Another team member works on revising the business documents and registering them on various sites.

Energy and Utilities 355

Energy and Utilities Computer and Electronics Insurance Risk 355

ARMA International

APRIL 28, 2022

These undertakings require planning, communication, documentation, and collaboration to be successful. Moving all boxes, books of value, documents, paintings, pictures, and historical objects out of areas with non-boarded windows into the hallway, foyer, or other enclosed areas and placing them on tables to avoid water damage.

Records Management 97

Records Management Archiving Insurance Communications 97

Security Affairs

MAY 1, 2020

Anyway, the group explained that they did not encrypt the bank documents in February, because it “was at least incorrect during the world pandemic” The stolen data includes 4 million unique credit card records, and 140,000 allegedly belonging to USA citizens. Banco BCR has yet to disclose the security breach.

Ransomware 136

Ransomware Encryption Insurance Data breaches 136

Security Affairs

APRIL 8, 2020

A criminal group called Maze has claimed responsibility.” “Many of the ID documents we have on file have expired, but if you believe you provided to HMR IDs that are still valid, report these documents as being compromised to the organisation that issued them.” ” continues the notification.

Ransomware 103

Ransomware Data breaches Encryption Financial Services 103