Financial Services, Groups, Insurance and Security

Toyota Financial Services discloses a data breach

Security Affairs

DECEMBER 11, 2023

Toyota Financial Services (TFS) disclosed a data breach, threat actors had access to sensitive personal and financial data. Toyota Financial Services (TFS) is warning customers it has suffered a data breach that exposed sensitive personal and financial data.

Financial Services

Financial Services Data breaches Ransomware Insurance

Medusa ransomware gang claims the hack of Toyota Financial Services

Security Affairs

NOVEMBER 17, 2023

Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company. Toyota Financial Services confirmed the discovery of unauthorized activity on systems in a limited number of its locations. The company has yet to disclose a data breach.

Financial Services

Financial Services Ransomware Data breaches Insurance

American Insurance firm State Farm victim of credential stuffing attacks

Security Affairs

AUGUST 7, 2019

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July.

Insurance

Insurance Data breaches Financial Services Passwords

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. NYSE:FAF ] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years. First American Financial Corp.

Insurance

Insurance Risk Financial Services Mining

A massive DDoS attack took down the site of the German financial agency BaFin

Security Affairs

SEPTEMBER 4, 2023

The BaFin website was included in January in a list of targets published by the pro-Russia group Killnet on its Telegram channel. The German Federal Financial Supervisory Authority (BaFin) is the national financial regulator in Germany, it is a federal agency under the jurisdiction of the Federal Ministry of Finance.

Financial Services

Financial Services Military Insurance Marketing

Building for operational resilience in the age of AI and hybrid cloud

IBM Big Data Hub

MARCH 20, 2024

Organizations in the financial services, healthcare and other regulated sectors must place an even greater focus on managing risk—not only to meet compliance requirements, but also to maintain customer confidence and trust. This means actively minimizing downtime and closing gaps in the supply chain to remain competitive.

Cloud

Cloud Financial Services Risk Business Services

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Access

Access Financial Services Retail Insurance

The Week in Cyber Security and Data Privacy: 6 – 12 November 2023

IT Governance

NOVEMBER 13, 2023

On 14 September, Mulkay discovered that the compromised files contained personal information, including “name, address, date of birth, Social Security number, driver’s license number or state ID, medical treatment information, and health insurance information”. Some patients also had their Social Security numbers exposed.”

Data Privacy

Data Privacy Privacy Security Data breaches

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

IT Governance

FEBRUARY 21, 2024

Fowler sent a responsible disclosure notice when he discovered the database and it was secured the following day. Welfare Benefits Plan Source 1 ; source 2 New Healthcare USA Yes 13,079 Insurance ACE/Humana Inc. Source New Manufacturing USA Yes 20,415 TECA Srl Source New Transport Italy Yes 16.7 GB AGC Flat Glass North America, Inc.

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

NY Payroll Company Vanishes With $35 Million

Krebs on Security

SEPTEMBER 11, 2019

The company that handled that process for MyPayrollHR is a California firm called Cachet Financial Services. Dan L’Abbe , CEO of the San Francisco-based consultancy Granite Solutions Groupe , said the mix-up has been massively disruptive for his 250 employees. “It varies widely,” L’Abbe said.

Financial Services

Financial Services Cloud Insurance IT

Identifying E-signature Requirements to Accelerate Digital Adoption and Meet Global Compliance

AIIM

OCTOBER 15, 2018

Hence the concept of electronic identification and trust services ( eIDAS ) as defined in EU regulation 910/2014 is centered around trust and security and certificate-based signing. Allianz – a global financial services and insurance company – is one of those organizations which had to rethink their approach on e-signatures.

Compliance

Compliance Insurance Digital transformation Authentication

Regulatory Update: NAIC Summer 2019 National Meeting

Data Matters

SEPTEMBER 4, 2019

The National Association of Insurance Commissioners (NAIC) held its Summer 2019 National Meeting (Summer Meeting) in New York City from August 3 to 6, 2019. The amended regulation took effect on August 1, 2019, for annuity products and will become effective on February 1, 2020, for life insurance products.

Insurance

Insurance Paper Risk Analytics

Maze ransomware gang discloses data from drug testing firm HMR

Security Affairs

APRIL 8, 2020

A criminal group called Maze has claimed responsibility.” Once you’ve registered, you should be aware that CIFAS members will do extra checks to see when anyone, including you, applies for a financial service, such as a loan, using your address.” ” reads the data breach notification published by the company.

Ransomware

Ransomware Data breaches Encryption Financial Services

CyberheistNews Vol 13 #13 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks

KnowBe4

MARCH 28, 2023

Security awareness training still has a place to play here." Email and other elements of software infrastructure offer built-in fundamental security that largely guarantees we are not in danger until we ourselves take action," Tyson writes. Is the email enticing you to click on a link?' I'm being asked to do something here.'"

Phishing

Phishing Security awareness Insurance Cybersecurity

Financial Stability Board to Develop International Cybersecurity Lexicon

Hunton Privacy

MARCH 23, 2018

The note warned that “malicious use of Information and Communication Technologies…could disrupt financial services crucial to both national and international financial systems, undermine security and confidence and endanger financial stability.”.

Cybersecurity

Cybersecurity Financial Services Insurance Communications

Ransomware Protection in 2021

eSecurity Planet

FEBRUARY 16, 2021

The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. Raising awareness about ransomware is a baseline security measure. As training sessions have little influence over staff for every potential attack, it makes added security more imperative.

Ransomware

Ransomware Encryption Insurance Cloud

UK FCA Consults on Changes to Strong Consumer Authentication, Dedicated Interfaces, and Guidance on Payment Services

Data Matters

FEBRUARY 25, 2021

This follows the FCA’s announcement in its 2020-21 business plan that payment services were one of its main supervisory priorities 1 and its temporary guidance of July 9, 2020, on prudential risk management and safeguarding in light of the COVID-19 pandemic ( Temporary COVID Guidance ). its Perimeter Guidance Manual (PERG).

Authentication

Authentication Paper Risk Insurance

CyberheistNews Vol 13 #07 [Scam of the Week] The Turkey-Syria Earthquake

KnowBe4

FEBRUARY 14, 2023

[link] Spear Phishing Attacks Increase 127% As Use of Impersonation Skyrockets Impersonation of users, domains and brands is on the rise, as is the use of malicious links, in response to security vendors improving their ability to detect malicious attachments. Blog post with links: [link] Are Your Users Making Risky Security Mistakes?

Phishing

Phishing Security awareness Compliance Risk

SER’s growth double that of ECM market competition

Info Source

JUNE 7, 2018

(29 May 2018 – Bonn) Around 10% revenue growth: The SER Group has further strengthened its top positioning as the largest European software vendor for enterprise content management * (ECM). In the fiscal year 2017, the SER Group grew more than twice as much as the entire ECM market [1] [1]. Leader in development and service.

ECM

ECM Marketing Content services Artificial Intelligence

Office of Foreign Assets Control: Making or Facilitating Ransomware Payments May Violate U.S. Sanctions

Data Matters

OCTOBER 8, 2020

Treasury’s Financial Crimes Enforcement Network (FinCEN), OFAC is sending a clear signal that making ransomware payments with a sanctions nexus threatens U.S. national security interests and that third-party service providers that facilitate ransomware payments on behalf of a victim must consider and ensure compliance with OFAC regulations.

Ransomware

Ransomware Compliance Risk Government

How women are leading with data in Spain

Collibra

DECEMBER 9, 2020

In partnership with the Women of Collibra Employee Resource Group, we asked these two data governance professionals about their beginnings in the data industry, what it is like to become a Collibra Ranger and what can be done to promote more women in the field. Nuria : Senior Associate in the Business Security Solutions area.

Government

Government Financial Services Insurance Analytics

A consumer perspective on FinTech disruption (part 1)

CGI

DECEMBER 22, 2016

The 12 digital services analyzed by the survey include the following: protection, personal finance management (PFM), mobile payments, personalized digital experience, IoT-based auto insurance pricing, personalized offers, bartering, alternative currency, mobile cash flow manager, P2P lending, robo-advice, and alternative credit scoring.

Financial Services

Financial Services Retail IoT Insurance

Regulatory Update: NAIC Fall 2020 National Meeting

Data Matters

DECEMBER 28, 2020

The National Association of Insurance Commissioners (NAIC) held its Fall 2020 National Meeting (Fall Meeting) December 3-9, 2020. NAIC Adopts the Group Capital Calculation Template and Instructions and Related Revisions to the Insurance Holding Company Act. Insurance groups will be exempt from filing a GCC if.

Insurance

Insurance Paper Risk Analytics

FRANCE: CNIL adopts new single authorization on fraud prevention systems

DLA Piper Privacy Matters

SEPTEMBER 29, 2017

Pursuant to several provisions of the French Code Monétaire et Financier , entities from the banking and financial sector are required to implement processes and strategies to detect, measure and manage operational risks within their group (on a consolidated basis). 311-2 of the Code Monétaire et Financier. .

Personal data

Personal data Financial Services Risk Insurance

Institutional Investor’s Introduction to Blockchain and Digital Asset Investing

Data Matters

NOVEMBER 2, 2021

We will also discuss a developing range of services referred to as digital asset “prime brokerage” — describing the suite of services typically provided by these prime brokers and comparing them to traditional offerings of prime brokers in the securities space. CME Futures on Bitcoin and Ethereum.

Blockchain

Blockchain Marketing Access Risk

A consumer perspective on FinTech disruption (part 3)

CGI

JANUARY 12, 2017

As FinTech firms aggressively and innovatively push their way into the financial services space, established banks are increasingly focused on effectively responding to the competitive threat. They want and expect banks to increase their level of security. Recommendations for banks.

Financial Services

Financial Services Education Marketing Risk

US: Surviving the service provider data breach

DLA Piper Privacy Matters

JULY 30, 2019

Effective cybersecurity requires organizations to move beyond perimeter defense of their own network to protecting sensitive data in the hands of service providers. From a security and legal perspective, service provider cybersecurity requires significant attention and coordination by all parties both before and after hitting the breach.

Data breaches

Data breaches Cybersecurity Financial Services Risk

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

IT Governance

DECEMBER 11, 2023

Researchers from the German cyber security company Aplite discovered 3,806 servers from 111 countries accessible on the Internet. suffers second ransomware attack in months Having been struck by a ransomware attack in October by the BlackSuit group , which led to operations and appointments being postponed, Akumin Inc. Akumin Inc.

Data Privacy

Data Privacy Energy and Utilities Privacy Manufacturing

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

Krebs on Security

NOVEMBER 19, 2021

In reality, the fraudster initiates a transaction — such as the “forgot password” feature on the financial institution’s site — which is what generates the authentication passcode delivered to the member. Unfortunately, Otsuka said, the scammers are defeating this layered security control as well.

IT

IT Passwords Authentication Phishing

The Week in Cyber Security and Data Privacy: 8 – 14 January 2024

IT Governance

JANUARY 16, 2024

Source 1 ; source 2 (Update) Professional services USA Yes 56,457 Highlands Oncology Group Source 1 ; source 2 ; source 3 (Update) Healthcare USA Yes 55,297 Charm Sciences, Inc. Drug Mart Source 1 ; source 2 (Update) Healthcare USA Yes 36,749 Elliott Group Source (New) Manufacturing USA Yes 31.5

Data Privacy

Data Privacy Privacy Manufacturing Retail

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

IT Governance

JANUARY 23, 2024

Publicly disclosed data breaches and cyber attacks: in the spotlight More than 70 million email addresses added to Have I Been Pwned The security researcher Troy Hunt has added more than 70 million email addresses from the Naz.API data set to his Have I Been Pwned data breach notification service. VF Corporation confirms 35.5

Data Privacy

Data Privacy Privacy Manufacturing Retail

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

Source (New) Transport USA Yes 3,815 Okta Source 1 ; source 2 (Update) Cyber security USA Yes 3,800 Shah Dixit & Associates, P.C. Source (New) Finance USA Yes 3,494 Woodruff Sawyer Source (New) Insurance USA Yes 3,087 Blackburn College Source (New) Education USA Yes 3,039 CAIRE Inc.

Data Privacy

Data Privacy Privacy Security Data breaches

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

Data Matters

SEPTEMBER 24, 2019

Many of the new or modernized laws tend to be based on comprehensive legislation, rather than sectoral rules, as data needs to move across industry groups and borders. Companies in the financial services, technology, airline and hotel industries are among those that could face substantial compliance obligations.

Personal data

Personal data GDPR Data Privacy Privacy

SHARED INTEL: Akamai reports web attack traffic spiked 62 percent in 2020 — all sectors hit hard

The Last Watchdog

MAY 24, 2021

Akamai, which happens to be the Hawaiian word for “smart,” recently released its annual State of the Internet security report. billion hitting financial services organizations — an increase of more than 45 percent year-over-year in that sector. billion web attacks globally; 736 million in the financial services sector.

Financial Services

Financial Services Passwords Data breaches Authentication

Privacy and Cybersecurity Top 10 for 2018

Data Matters

JANUARY 2, 2018

A number of countries are suggesting data localization as a way to secure their systems, which would mean significant changes for companies operating there. State legislatures, insurance commissions, attorneys general and regulatory agencies are moving to develop detailed cybersecurity requirements.

Cybersecurity

Cybersecurity Privacy Data breaches GDPR

#ModernDataMasters: Lewis Ownes, CEO Agile Solutions

Reltio

MAY 14, 2019

But it did give me the advantage of seeing how the data was being fed into the machines for personalisation and the use of algorithms for security even back then. “At The cloud technologies AWS, Azure and GCP are a group representing a massive percentage of the IT market at the moment.

Big data

Big data Government Cloud IT

Federal Bank Regulators Require Notifications For Material Cybersecurity Incidents

Data Matters

NOVEMBER 22, 2021

On November 18, 2021, a group of federal bank regulators announced a final rule requiring banks to notify their primary federal regulator of any “significant computer-security incidents.” The agencies note the increasing frequency and severity of cyberattacks on the financial services industry as a key motivator for the rule.

Cybersecurity

Cybersecurity Insurance Financial Services Marketing

Infosource Global Capture & IDP Vertical Market Analysis 2022-2023 Update

Info Source

DECEMBER 8, 2023

In our vertical market sizing and analysis, we cover horizontal use cases e.g., accounting, HR management, as well as vertical specific use cases e.g., bank account opening, mortgage processing and insurance claims processing. grade schools), is the second largest group of verticals.

Marketing

Marketing Customer Experience Energy and Utilities Digital transformation

Researchers shared the lists of victims of SolarWinds hack

Security Affairs

DECEMBER 22, 2020

Security experts shared lists of organizations that were infected with the SolarWinds Sunburst backdoor after decoding the DGA mechanism. Security experts started analyzing the DGA mechanism used by threat actors behind the SolarWinds hack to control the Sunburst / Solarigate backdoor and published the list of targeted organizations.

Communications

Communications Manufacturing Financial Services Insurance

Survey Says…Cybersecurity Remains A Critical Challenge For Business

Privacy and Cybersecurity Law

MARCH 23, 2018

On March 14, 2018, IBM Security announced the results of a new global study on organizational cybersecurity readiness and resiliency entitled “The 2018 Cyber Resilient Organization.” 23% of respondents say they do not currently have a CISO or security leader. .” Is this confidence misplaced?

Cybersecurity

Cybersecurity Artificial Intelligence Data breaches IoT

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

The Last Watchdog

FEBRUARY 25, 2019

Related: Applying ‘zero trust’ to managed security services. Fortunately, the identity management space has attracted and inspired some of the best and brightest tech security innovators and entrepreneurs. So why hasn’t the corporate sector been more effective at locking down access for users?

Access

Access Government Authentication Data breaches

The Role of Master Data Management in Enabling Omnichannel Connected Customer Experiences

Reltio

NOVEMBER 9, 2020

Our innovative customers span different industries like life sciences, financial services and insurance, healthcare, CPG, apparel, retail, travel and hospitality and high tech. It delivers real-time data at scale through secure API first access and a connected graph for relationships. Jan 8, 2020.

Customer Experience

Customer Experience MDM Retail Data science

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

IT Governance

APRIL 29, 2024

Keyboard app vulnerabilities reveal keystrokes to network eavesdroppers Security researchers have identified critical security vulnerabilities in Cloud-based pinyin keyboard apps from Baidu, Inc., The company has fixed the issue, blaming it on a vulnerability in the app’s groups feature. Data breached: 4,186,879,104 messages.

Data Privacy

Data Privacy Privacy Manufacturing Security

CyberheistNews Vol 13 #25 [Fingerprints All Over] Stolen Credentials Are the No. 1 Root Cause of Data Breaches

KnowBe4

JUNE 20, 2023

The majority of these heists were committed by groups associated with North Korea. The cyber heists caused more than just financial losses. The recent information exposes the increasing dangers in the world of cryptocurrency and the urgent requirement for more robust security measures. million simulated phishing security tests.

Data breaches

Data breaches Phishing Security awareness Ransomware

Toyota Financial Services discloses a data breach

Medusa ransomware gang claims the hack of Toyota Financial Services

Webinars

Trending Sources

American Insurance firm State Farm victim of credential stuffing attacks

Webinars

First American Financial Pays Farcical $500K Fine

A massive DDoS attack took down the site of the German financial agency BaFin

Building for operational resilience in the age of AI and hybrid cloud

Iran-linked APT group Pioneer Kitten sells access to hacked networks

The Week in Cyber Security and Data Privacy: 6 – 12 November 2023

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

NY Payroll Company Vanishes With $35 Million

Identifying E-signature Requirements to Accelerate Digital Adoption and Meet Global Compliance

Regulatory Update: NAIC Summer 2019 National Meeting

Maze ransomware gang discloses data from drug testing firm HMR

CyberheistNews Vol 13 #13 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks

Financial Stability Board to Develop International Cybersecurity Lexicon

Ransomware Protection in 2021

UK FCA Consults on Changes to Strong Consumer Authentication, Dedicated Interfaces, and Guidance on Payment Services

CyberheistNews Vol 13 #07 [Scam of the Week] The Turkey-Syria Earthquake

SER’s growth double that of ECM market competition

Office of Foreign Assets Control: Making or Facilitating Ransomware Payments May Violate U.S. Sanctions

How women are leading with data in Spain

A consumer perspective on FinTech disruption (part 1)

Regulatory Update: NAIC Fall 2020 National Meeting

FRANCE: CNIL adopts new single authorization on fraud prevention systems

Institutional Investor’s Introduction to Blockchain and Digital Asset Investing

A consumer perspective on FinTech disruption (part 3)

US: Surviving the service provider data breach

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

The Week in Cyber Security and Data Privacy: 8 – 14 January 2024

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

SHARED INTEL: Akamai reports web attack traffic spiked 62 percent in 2020 — all sectors hit hard

Privacy and Cybersecurity Top 10 for 2018

#ModernDataMasters: Lewis Ownes, CEO Agile Solutions

Federal Bank Regulators Require Notifications For Material Cybersecurity Incidents

Infosource Global Capture & IDP Vertical Market Analysis 2022-2023 Update

Researchers shared the lists of victims of SolarWinds hack

Survey Says…Cybersecurity Remains A Critical Challenge For Business

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

The Role of Master Data Management in Enabling Omnichannel Connected Customer Experiences

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

CyberheistNews Vol 13 #25 [Fingerprints All Over] Stolen Credentials Are the No. 1 Root Cause of Data Breaches

Stay Connected