Data Matters

FEBRUARY 11, 2019

On December 28, 2018, Michigan adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law in the form of Michigan H.B. The Act defines licensees as persons authorized, registered, or licensed under Michigan insurance laws or required to be so. 6491 (Act). MCL § 500.550.

Insurance 68

Insurance Security Cybersecurity FOIA 68

Data Matters

JUNE 23, 2022

Kentucky and Maryland recently continued the trend of state insurance departments adopting some version of the National Association of Insurance Commissioners’ (“NAIC”) Insurance Data Security Model Law. The post Kentucky and Maryland Recently Joined Other States in Adopting NAIC Model Data Security Law.

Insurance 103

Insurance Security Cybersecurity Information Security 103

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. The company has operations in 25 countries, more than 4,000 employees, and billions in revenue annually. Acting on a tip from Milwaukee, Wis.-based

Ransomware 337

Ransomware Security Agriculture Cybersecurity 337

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. GDPR (among other legal requirements in the EU and elsewhere) can expose multinational organizations to hefty financial penalties, additional rules for disclosing data breaches, and increased scrutiny of the adequacy of their data security.

Data Privacy 138

Data Privacy Compliance Privacy Security 138

Data Matters

JULY 30, 2018

In October 2017, the National Association of Insurance Commissioners (NAIC) adopted an Insurance Data Security Model Law. On May 3, 2018, South Carolina became the first state to enact this Model Law, in the form of the South Carolina Insurance Data Security Act (H.B.

Insurance 60

Insurance Security Cybersecurity Data breaches 60

Thales Cloud Protection & Licensing

NOVEMBER 9, 2021

Evolution of Cloud Security: From Shared Responsibility to Shared Fate. These were just some of the major facets of cloud transformation that are creating challenges for data security that I discussed with Sunil Potti, Vice President and General Manager, Google Cloud in a recent Thales Security Sessions podcast moderated by Neira Jones.

Cloud 123

Cloud Security Encryption Insurance 123

Thales Cloud Protection & Licensing

APRIL 1, 2021

Protecting Sensitive Data with Luna Key Broker for Microsoft Double Key Encryption. Today’s remote working environment relies heavily on the collaborative sharing of information, challenging organizations to maintain the security of confidential data and regulatory compliance while driving employee productivity.

Encryption 79

Encryption Compliance Cloud GDPR 79

Security Affairs

APRIL 10, 2024

The Group Health Cooperative of South Central Wisconsin (GHC-SCW) is a non-profit organization that provides health insurance and medical care services to its members in the Madison metropolitan area of Wisconsin. The Information Technology (IT) Department isolated and secured the organization’s network in response to the incident.

Data breaches 114

Data breaches e-Discovery Ransomware Insurance 114

Security Affairs

JANUARY 2, 2024

A team of researchers released a suite of tools that could help victims to decrypt data encrypted with by the Black Basta ransomware. Independent security research and consulting team SRLabs discovered a vulnerability in Black Basta ransomware’s encryption algorithm and exploited it to create a free decryptor.

Ransomware 116

Ransomware Encryption Blockchain Insurance 116

eSecurity Planet

OCTOBER 18, 2022

However, even with the best planning, organizations can find a few users, machines, or systems that were overlooked or whose backup may be corrupted or encrypted. First, call the cyber insurance company that issued the organization’s cybersecurity policy. Insured companies often will not have options. Eliminate attacker access.

Ransomware 129

Ransomware Encryption Insurance Access 129

Hunton Privacy

JANUARY 2, 2019

New cybersecurity rules for insurance companies licensed in South Carolina are set to take effect in part on January 1, 2019. The new law is the first in the United States to be enacted based on the data security model law drafted by the National Association of Insurance Commissioners.

Insurance 77

Insurance Cybersecurity Data breaches Encryption 77

IT Governance

JULY 15, 2019

Cyber insurance is big business these days. Damages incurred by information security incidents generally aren’t covered in commercial insurance policies, so a specific policy is necessary to help cover the costs of things like forensic investigation, incident response and notification procedures.

Insurance 89

Insurance Data breaches Risk Information Security 89

Krebs on Security

AUGUST 29, 2019

-based PerCSoft is a cloud management provider for Digital Dental Record (DDR), which operates an online data backup service called DDS Safe that archives medical records, charts, insurance documents and other personal information for various dental offices across the United States. PercSoft did not respond to requests for comment.

Ransomware 218

Ransomware Insurance Encryption Cloud 218

Security Affairs

JANUARY 23, 2024

In early January, independent security research and consulting team SRLabs discovered a vulnerability in Black Basta ransomware’s encryption algorithm and exploited it to create a free decryptor. Depending on the file size, the ransomware encrypts the initial 5000 bytes. continues the researchers.

Encryption 117

Encryption Ransomware Blockchain Insurance 117

Hunton Privacy

FEBRUARY 25, 2021

As reported on the Hunton Insurance Recovery blog , on February 4, 2021, the New York Department of Financial Services (“NYDFS”), which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No. sought coverage for expenses under its property insurance policy.

Insurance 70

Insurance Cybersecurity Risk Education 70

Krebs on Security

DECEMBER 8, 2022

Alex Holden is founder of Hold Security , a Milwaukee-based cybersecurity firm. First spotted in mid-August 2022 , Venus is known for hacking into victims’ publicly-exposed Remote Desktop services to encrypt Windows devices. Encrypting sensitive data wherever possible. “ Cl0p ” a.k.a. healthcare organizations.

Ransomware 250

Ransomware Metadata Insurance Encryption 250

IT Governance

OCTOBER 24, 2023

Incident details: The company found that data on its network had been encrypted without its knowledge. Incident details: Network security incident, where allegedly AlphV gained unauthorised access and made demands to the hospital’s leadership, suggesting a ransomware attack. Records breached: 91,000 individuals affected.

Data Privacy 107

Data Privacy Privacy Security Data breaches 107

Krebs on Security

FEBRUARY 20, 2024

The government says Russian national Artur Sungatov used LockBit ransomware against victims in manufacturing, logistics, insurance and other companies throughout the United States. This prompted several XSS members to start posting memes taunting the group about the security failure. Ivan Gennadievich Kondratyev , a.k.a.

Ransomware 259

Ransomware Encryption Insurance Manufacturing 259

IT Governance

NOVEMBER 13, 2023

On 14 September, Mulkay discovered that the compromised files contained personal information, including “name, address, date of birth, Social Security number, driver’s license number or state ID, medical treatment information, and health insurance information”. Some patients also had their Social Security numbers exposed.”

Data Privacy 85

Data Privacy Privacy Security Data breaches 85

IT Governance

JUNE 15, 2022

In an increasingly digital world, there are an escalating number of cyber security risks for business to address. IT Governance identified more than 1,200 publicly disclosed data breaches in 2021 , while another report found that security incidents cost almost £3 million on average. Poor patch management. Weak passwords.

Risk 144

Risk Security Passwords Phishing 144

Krebs on Security

DECEMBER 7, 2019

based Complete Technology Solutions (CTS), was hacked, allowing a potent strain of ransomware known as “Sodinokibi” or “rEvil” to be installed on computers at more than 100 dentistry businesses that rely on the company for a range of services — including network security, data backup and voice-over-IP phone service.

Ransomware 225

Ransomware IT Insurance Encryption 225

Thales Cloud Protection & Licensing

JANUARY 16, 2024

That includes banks, insurances, payment institutions, stock market, and many financial management firms (trading, crypt-assets, etc). That includes banks, insurances, payment institutions, stock market, and many financial management firms (trading, crypt-assets, etc). Cloud users remain responsible for the security in the cloud.

Financial Services 83

Financial Services Cloud Cybersecurity Encryption 83

Thales Cloud Protection & Licensing

JUNE 15, 2023

A Guide to Key Management as a Service madhav Thu, 06/15/2023 - 11:29 As companies adopt a cloud-first strategy and high-profile breaches hit the headlines, securing sensitive data has become a paramount business concern. The most effective way to ensure data security is through encryption and proper key management.

Encryption 133

Encryption Compliance Cloud Authentication 133

Thales Cloud Protection & Licensing

DECEMBER 22, 2020

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing. New EU restrictions could force companies to change data transfer practices and adopt more advanced data encryption methods. In recent years, costly breaches and evolving data security concerns have bubbled up to a board level agenda item.

Data Privacy 118

Data Privacy Privacy Security Encryption 118

Security Affairs

APRIL 30, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 92

Security Ransomware Cybersecurity Authentication 92

Krebs on Security

JULY 19, 2021

Experts say the biggest reason ransomware targets and/or their insurance providers still pay when they already have reliable backups is that nobody at the victim organization bothered to test in advance how long this data restoration process might take. “That is still somewhat rare,” Wosar said.

Ransomware 338

Ransomware Encryption Insurance Cybersecurity 338

Hunton Privacy

JULY 1, 2022

Since Carnival was licensed by the Department to sell insurance in NY State, it was treated as a covered entity under the Cybersecurity Regulation. In addition to the monetary penalty of $5 million, NYDFS also accepted Carnival’s surrender of its insurance producer license; thus, Carnival has ceased selling insurance in New York.

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

Security Affairs

MAY 15, 2023

Compromised organizations operate in different business verticals, including manufacturing, wealth management, insurance providers, and pharmaceuticals. The ransomware supports intermittent encryption to speed up the encryption process. This process encrypts only a certain part of the source file’s contents, not the entire file.”

Ransomware 88

Ransomware Encryption Healthcare Insurance 88

eSecurity Planet

MAY 26, 2023

Confidential computing is a technology and technique that encrypts and stores an organization’s most sensitive data in a secure portion of a computer’s processor — known as the Trusted Execution Environment (TEE) — while it’s processed and in use. How Does Confidential Computing Work?

Encryption 73

Encryption Cloud IoT Blockchain 73

Security Affairs

OCTOBER 1, 2023

Experts warn that the recent attack on building automation giant Johnson Controls may have exposed data of the Department of Homeland Security (DHS). The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management. “The

Ransomware 127

Ransomware Insurance Cybersecurity Encryption 127

Adam Levin

APRIL 10, 2019

A security analysis of 30 major banking and financial apps has shown major security holes and a lax approach to protecting user data. Other findings included improperly secured database commands (capable of allowing man-in-the-middle attacks), weak encryption, and the ability to reverse-engineer the app code into a readable format.

Retail 74

Retail Security Insurance Encryption 74

IT Governance

SEPTEMBER 1, 2021

Cyber security is becoming an expensive endeavour for organisations – and in many cases, the costs are so high that they can’t deal with threats appropriately. However, it’s one thing to want to invest in cyber security, but something else entirely to set aside the budget to do so. What is cyber security as a service?

Security 124

Security GDPR Cloud Insurance 124

Thales Cloud Protection & Licensing

MAY 9, 2022

This demonstrates that there are still some businesses that have not learned the lessons of the Colonial Pipeline attack and listened to what security experts and the U.S. For example, both directives makes it mandatory for all agencies to deploy multi-factor authentication and encryption. Cyber insurance coverage ramps up.

Insurance 71

Insurance Ransomware Encryption Authentication 71

Security Affairs

OCTOBER 9, 2021

The company notified via mail hundreds of individuals that were impacted by the security breach and that that have had their personal data exposed in the attack. . “On June 3, 2021, CMG experienced a ransomware incident in which a small percentage of servers in its network were encrypted by a malicious threat actor.

Ransomware 101

Ransomware Insurance Encryption Authentication 101

Security Affairs

AUGUST 21, 2020

The university notified appropriate law enforcement entities, and the university’s Information Security Office (ISO) investigated and resolved the incident in consultation with an external firm that specializes in responding to ransomware attacks.” ” reads a press release published by the University. Pierluigi Paganini.

Ransomware 143

Ransomware Insurance Encryption Information Security 143

eSecurity Planet

JULY 12, 2022

Screens then started to display a ransom demand, which said files had been encrypted by the NetWalker ransomware virus. Cyber Insurer Provides Help. As Spectra Logic had the foresight to take out cyber insurance , Chubb representatives were professional and helpful, according to Mendoza. The ransom demand was $3.6

Ransomware 132

Ransomware Insurance Cybersecurity Passwords 132

Data Matters

AUGUST 27, 2020

Department of Health and Human Services, Office for Civil Rights (“OCR”) has settled three cases related to alleged violations of the Health Insurance Portability and Accountability Act (“HIPAA”), totaling $1,165,000. These settlements underscore OCR’s continued focus on enforcement of the HIPAA Security Rule.

Compliance 68

Compliance Security Risk Encryption 68