Hunton Privacy

NOVEMBER 8, 2023

On November 1, 2023, New York Governor Hochul announced that the New York State Department of Financial Services (“NYDFS”) amended its Cybersecurity Regulation applicable to covered financial institutions. Our previous blog post covered key proposed changes to the Cyber Regulation.

Cybersecurity 72

Cybersecurity IT Compliance Financial Services 72

Hunton Privacy

FEBRUARY 25, 2021

As reported on the Hunton Insurance Recovery blog , on February 4, 2021, the New York Department of Financial Services (“NYDFS”), which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No. sought coverage for expenses under its property insurance policy.

Insurance 70

Insurance Cybersecurity Risk Education 70

Security Affairs

NOVEMBER 20, 2021

Major cybersecurity incidents are attacks that impact operations of the victims or the stability of the US financial sector. The rule was approved by the Federal Reserve, Federal Deposit Insurance Corporation and Office of the Comptroller of the Currency. The rule aims at forcing banks to quickly respond to cybersecurity incidents.

Cybersecurity 111

Cybersecurity Financial Services Insurance Ransomware 111

Security Affairs

APRIL 8, 2020

On March 21, the Maze ransomware operators published some of the stolen files on their “leak site,” after the refusal of the research firm of paying the ransom. The attack took place on March 14th, 2020, when the Maze Ransomware operators exfiltrated data from the HMR’s network and then encrypt their systems.

Ransomware 100

Ransomware Data breaches Encryption Financial Services 100

IT Governance

NOVEMBER 13, 2023

On 14 September, Mulkay discovered that the compromised files contained personal information, including “name, address, date of birth, Social Security number, driver’s license number or state ID, medical treatment information, and health insurance information”. Records breached: 79,582 Ontario hospitals update: information relating to 5.6

Data Privacy 85

Data Privacy Privacy Security Data breaches 85

Data Matters

OCTOBER 8, 2020

individuals and businesses comply with ransomware payment demands. Ransomware attacks use malware, often injected through phishing schemes, to encrypt a victim’s data files or programs, followed by a ransom demand by the threat actor that offers the decryption key in exchange for payment. sanctions law violations if U.S.

Ransomware 68

Ransomware Compliance Risk Government 68

Data Matters

JANUARY 28, 2022

A few days after the Advisory, Ukrainian government websites were attacked by Russian actors while the Russian government simultaneously arrested members of the notorious ransomware gang REvil. Like an incident response plan, MFA has become a critical element of cybersecurity programs.

Cybersecurity 157

Cybersecurity Authentication Financial Services Government 157

Krebs on Security

SEPTEMBER 11, 2019

Unlike many stories here about cloud service providers being extorted by hackers for ransomware payouts , this snafu appears to have been something of an inside job. The company that handled that process for MyPayrollHR is a California firm called Cachet Financial Services.

Financial Services 279

Financial Services Cloud Insurance IT 279

eSecurity Planet

JUNE 16, 2022

Encrypted threats spiked 167%, ransomware increased 105%, and 5.4 These new attacks affect everything from private citizens and businesses to government systems; healthcare organizations; public services; and food, water, and fuel supply chains. Ransomware. Ransomware is the fastest-growing trend. Mobile attacks.

Ransomware 140

Ransomware Cybersecurity Phishing Encryption 140

IT Governance

FEBRUARY 21, 2024

ALPHV/BlackCat ransomware gang adds 2.7 TB of ASA Electronics data to its leak site The ALPHV/BlackCat ransomware gang is attempting to extort a ransom from ASA Electronics for 2.7 Welfare Benefits Plan Source 1 ; source 2 New Healthcare USA Yes 13,079 Insurance ACE/Humana Inc. Date breached: 384,658,212 records.

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

Data Matters

JUNE 24, 2021

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. See CF Disclosure Guidance: Topic No. 2, Cybersecurity (Oct. 14, 2011). 15, 2020).

Cybersecurity 68

Cybersecurity Financial Services Risk Compliance 68

KnowBe4

MARCH 28, 2023

This enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more. I've written quite a few times about specific cyber insurance claim cases that required going to court to settle. Don't get caught in a phishing net! Learn how to avoid having your end users take the bait.

Phishing 87

Phishing Security awareness Insurance Cybersecurity 87

Security Affairs

APRIL 20, 2023

If malicious actors accessed the exposed data, the company could have faced devastating consequences and put their clients at risk, as financial services are the main target for cybercriminals. ICICI Bank’s response Threat to financial accounts Finance and insurance are one of the most targeted industries by cybercriminals.

Personal data 95

Personal data Phishing Risk Communications 95

KnowBe4

FEBRUARY 14, 2023

By Javvad Malik Insurance provider Hiscox has published its fifth annual cyber readiness report, which has some eye-opening statistics. The reports show that ransomware incidents have increased from 17% to 19%, often spread through phishing emails and malware. businesses.

Phishing 85

Phishing Security awareness Compliance Risk 85

DLA Piper Privacy Matters

JULY 30, 2019

Some states – such as Alabama, Massachusetts and New York (for financial services companies) – prescribe particular requirements of a “reasonable” cybersecurity program. At least nine states expressly extend these requirements to service providers. Proof of adequate cyber insurance coverage.

Data breaches 45

Data breaches Cybersecurity Financial Services Risk 45

IT Governance

DECEMBER 11, 2023

suffers second ransomware attack in months Having been struck by a ransomware attack in October by the BlackSuit group , which led to operations and appointments being postponed, Akumin Inc. has suffered a second attack, this time by the BianLian ransomware group. Data breached: more than 59 million data records. Akumin Inc.

Data Privacy 101

Data Privacy Energy and Utilities Privacy Manufacturing 101

IT Governance

MARCH 11, 2024

Source (New) Finance USA Yes 3,494 Woodruff Sawyer Source (New) Insurance USA Yes 3,087 Blackburn College Source (New) Education USA Yes 3,039 CAIRE Inc. million last year, roughly a quarter of which was the due to the ransomware attack it suffered in March 2023.

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

IT Governance

JANUARY 23, 2024

Source (New) Real estate USA Yes 46,906 Hampton-Newport News Community Services Board Source 1 ; source 2 ; source 3 (New) Healthcare USA Yes 44,312 Air Methods Source 1 ; source 2 (New) Healthcare USA Yes 34,016 GREYHOURS Source (New) Retail France Yes 18,700 Groveport Madison Schools Source 1 ; source 2 ; source 3 (Update) Education USA Yes 15.5

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

Data Protection Report

JANUARY 30, 2023

employment opportunities; f. financial or lending services; g. health-care services; h. housing; or i. insurance.

Privacy 113

Privacy Cybersecurity Personal data Insurance 113

KnowBe4

JUNE 20, 2023

Overall, the use of stolen credentials is the overwhelming leader in data breaches, being involved in nearly 45% of breaches – this is more than double the second-place spot of "Other" (which includes a number of types of threat actions) and ransomware, which sits at around 20% of data breaches.

Data breaches 76

Data breaches Phishing Security awareness Ransomware 76

KnowBe4

MAY 31, 2023

That's right – the financial services industry, at least according to cybersecurity vendor Armorblox's 2023 Email Security Threat Report. According to the report, the financial services industry as a target has increased by 72% over 2022 and was the single largest target of financial fraud attacks, representing 49% of all such attacks.

Phishing 79

Phishing File names Security awareness Risk 79

eSecurity Planet

MAY 11, 2023

I am very surprised that the cyber insurance industry has not required zero trust architecture already, but perhaps the $1.4 Also read: Building a Ransomware Resilient Architecture What All This Means From my vantage point (semi-retired and with lots of time to think, I might add) all this means that one of two things needs to happen.

Cloud 96

Cloud IT Insurance Authentication 96

Data Matters

APRIL 23, 2018

Board-management discussions about cyber risk should include identification of which risks to avoid, which to accept, and which to mitigate or transfer through insurance, as well as specific plans associated with each approach. Principle 5.

Cybersecurity 60

Cybersecurity Risk Passwords Authentication 60

eSecurity Planet

JANUARY 11, 2022

With robust encryption policies, Evervault can help reduce insurance premiums and offers PCI-DSS and HIPAA compliance automation. Read more: Application Security is Key to Stopping Ransomware, Vendor Says. Endpoint Security and Protection Against Ransomware. Also read: Top Code Debugging and Code Security Tools. Cowbell Cyber.

Cybersecurity 142

Cybersecurity Cloud Compliance Analytics 142

eSecurity Planet

JUNE 1, 2021

” Lookout data indicates that about 15 percent of financial services employees encountered a mobile phishing attempt each quarter in 2020. ” Further reading: Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs. . … Attacks are more difficult to spot on mobile. Awareness, Training are Key.

Phishing 70

Phishing Cybersecurity Government Authentication 70