Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Access 96

Access Financial Services Retail Insurance 96

Schneier on Security

APRIL 12, 2018

Good article about how difficult it is to insure an organization against Internet attacks, and how expensive the insurance is. Companies like retailers, banks, and healthcare providers began seeking out cyberinsurance in the early 2000s, when states first passed data breach notification laws.

Insurance 48

Insurance Cybersecurity Data breaches Retail 48

IT Governance

JANUARY 9, 2024

LockBit claims responsibility for Capital Health security incident The LockBit ransomware group has claimed responsibility for an attack on Capital Health , a healthcare provider in Pennington, New Jersey, last November. The group has allegedly exfiltrated more than 10 million files. Data breached: 41,500,000 records.

Data Privacy 75

Data Privacy Privacy Manufacturing Data breaches 75

IT Governance

FEBRUARY 21, 2024

Fowler sent a responsible disclosure notice when he discovered the database and it was secured the following day. Welfare Benefits Plan Source 1 ; source 2 New Healthcare USA Yes 13,079 Insurance ACE/Humana Inc. Known records breached Zenlayer Source New Telecoms USA Yes 384,658,212 ASA Electronics Source New Engineering USA Yes 2.7

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

Adam Levin

APRIL 10, 2019

A security analysis of 30 major banking and financial apps has shown major security holes and a lax approach to protecting user data. Other findings included improperly secured database commands (capable of allowing man-in-the-middle attacks), weak encryption, and the ability to reverse-engineer the app code into a readable format.

Retail 74

Retail Security Insurance Encryption 74

Security Affairs

DECEMBER 1, 2023

The Black Basta ransomware group has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. A joint research by Elliptic and Corvus Insurance revealed that the group accumulated at least $107 million in Bitcoin ransom payments since early 2022. in Germany, and 5.9%

Ransomware 92

Ransomware Blockchain Retail Insurance 92

Krebs on Security

DECEMBER 18, 2018

Virtually all companies like to say they take their customers’ privacy and security seriously, make it a top priority, blah blah. That’s because very few of the world’s biggest companies list any security executives in their highest ranks. banks) would have this role in their executive leadership team.

Security 215

Security Marketing Cybersecurity Data breaches 215

Data Matters

SEPTEMBER 7, 2022

The National Association of Insurance Commissioners (NAIC) held its Summer 2022 National Meeting (Summer Meeting) August 9–13, 2022. The Privacy Working Group has been reviewing state insurance privacy protections regarding the collection, ownership, use, and disclosure of information gathered in connection with insurance transactions.

Insurance 78

Insurance Paper Privacy Risk 78

Security Affairs

JUNE 10, 2021

Threat hunting and adversarial cyber intelligence company Group-IB published a comprehensive analysis of fraud cases on a global scale. Group-IB also unveiled Scam Intelligence, a fraud-tracking technology that paved the way for DRP, the company’s proprietary solution. million in one year .

Phishing 101

Phishing Retail Insurance Risk 101

Security Affairs

AUGUST 28, 2019

Recent campaigns show t hreat actors behind the Dridex and Locky malware families , the TA505 group, have updated tactics and expanded its target list. Trend Micro revealed that the TA505 group that is behind the Dridex and Locky malware families continue to make small changes to its operations. ” continues the report.

e-Delivery 74

e-Delivery Insurance Retail Government 74

Data Matters

SEPTEMBER 20, 2021

The National Association of Insurance Commissioners (NAIC) held its Summer 2021 National Meeting (Summer Meeting) August 14-17, 2021. Highlights include, among others, adoption of revised risk-based capital bond factors for life insurers, amendments to SSAP No. NAIC Adopts Revised Risk-Based Capital Bond Factors for Life Insurers.

Insurance 88

Insurance e-Delivery Paper Sales 88

Security Affairs

JANUARY 21, 2020

The US-based children’s clothing maker and online retailer Hanna Andersson discloses a data breach, attackers planted an e-skimmer on its e-commerce platform. Hacker groups under the Magecart umbrella continue to steal payment card data with so-called software skimmers. The malware was completely removed on November 11, 2019.

Data breaches 107

Data breaches Retail Cloud Insurance 107

Hunton Privacy

NOVEMBER 6, 2014

Hunton & Williams Insurance Litigation & Counseling partner Lon Berk reports: As the demand for cyber insurance has skyrocketed, so too has the cost. New payment technologies, however, will change the need for this type of cyber insurance. As these payment technologies become prevalent in the U.S.,

Insurance 40

Insurance Retail Sales Risk 40

Krebs on Security

MARCH 26, 2020

Cybersecurity experts say the raid included the charging of a major carding kingpin thought to be tied to dozens of carding shops and to some of the bigger data breaches targeting western retailers over the past decade. Flint is among the biggest players in the crowded underground market for stolen credit card data, according to a U.S.

Retail 277

Retail Insurance Cybersecurity Data breaches 277

Data Matters

SEPTEMBER 3, 2020

The National Association of Insurance Commissioners (NAIC) held its Summer 2020 National Meeting (Summer Meeting) from July 27 to August 14, 2020. Annuity Suitability Working Group Drafting FAQ Document to Facilitate Uniformity in State Adoption of Revised Suitability in Annuity Transactions Model Regulation.

Insurance 68

Insurance Paper Artificial Intelligence Big data 68

IT Governance

JUNE 30, 2022

We identified 80 security incidents during the month, resulting in 34,908,053 compromised records. Meanwhile, be sure to subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox. If you’re facing a cyber security disaster, IT Governance is here to help.

Data breaches 136

Data breaches Ransomware Personal data Blockchain 136

Hunton Privacy

DECEMBER 1, 2020

Carrefour France and Carrefour Banque are both affiliates of the French retail group, the Carrefour Group. The group has diversified its activities into the banking and insurance, travel agency and e-commerce sectors. The CNIL carried out online inspections on the carrefour.fr and carrefour-banque.fr website.

GDPR 91

GDPR Personal data Data collection Marketing 91

IT Governance

JULY 1, 2021

We found a comparatively low 9,780,931 breached records from publicly disclosed security incidents in June 2021. June’s figures bring the annual running total of security incidents to 729 and the total number of breached records to 3,947,030,094.

Data breaches 130

Data breaches Ransomware Computer and Electronics Retail 130

Data Matters

SEPTEMBER 4, 2019

The National Association of Insurance Commissioners (NAIC) held its Summer 2019 National Meeting (Summer Meeting) in New York City from August 3 to 6, 2019. The amended regulation took effect on August 1, 2019, for annuity products and will become effective on February 1, 2020, for life insurance products.

Insurance 68

Insurance Paper Risk Analytics 68

IT Governance

APRIL 1, 2021

Don’t be fooled by the fact that we only recorded 20,995,371 breached records in March; it was one of the leakiest months we’ve ever seen, with 151 recorded incidents. By comparison, there was a seemingly Lilliputian 82 recorded breaches in January and 118 in February.

Data breaches 130

Data breaches Ransomware Manufacturing e-Delivery 130

Security Affairs

NOVEMBER 8, 2020

Luxottica Group S.p.A. As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. ” On October 27th, the company began to notify affected users.

Data breaches 79

Data breaches Insurance Retail Ransomware 79

Armstrong Archives

DECEMBER 19, 2023

No matter the size of a business, a well-defined record retention policy serves multiple purposes: ensuring compliance with legal and regulatory requirements, aiding in efficient document management, and securing sensitive information. However, they also require IT infrastructure to facilitate secure storage and backup.

Compliance 52

Compliance Archiving Digital transformation Sales 52

IT Governance

JUNE 1, 2022

We identified 77 security incidents during the month, resulting in 49,782,129 compromised records. Meanwhile, be sure to subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox. If you’re facing a cyber security disaster, IT Governance is here to help.

Data breaches 126

Data breaches Ransomware Phishing Education 126

IT Governance

SEPTEMBER 1, 2022

Meanwhile, the bastion of password security, LastPass, announced that its systems had been breached – although the organisation is confident that customers’ details remain secure. In total, we identified 112 publicly disclosed security incidents in August, resulting in 97,456,345 compromised records.

Data breaches 116

Data breaches Ransomware Energy and Utilities Phishing 116

The Security Ledger

APRIL 27, 2021

The post Episode 212: China’s Stolen Data Economy (And Why We Should Care) appeared first on The Security Ledger with Paul F. That company recently made a study of how Chinese cyber criminal groups were using big data technology to monetize the data they obtained (often: stole) in the Chinese language underground.

Data breaches 52

Data breaches Big data Retail Insurance 52

KnowBe4

DECEMBER 6, 2022

Live Demo] Ridiculously Easy Security Awareness Training and Phishing. Join us TOMORROW, Wednesday, December 7 @ 2:00 PM (ET) , for a live demo of how KnowBe4 introduces a new-school approach to security awareness training and simulated phishing. Vet, manage and monitor your third-party vendors' security risk requirements.

Security awareness 92

Security awareness Phishing Risk Insurance 92

Security Affairs

OCTOBER 1, 2019

million of expected insurance coverage. “As previously communicated in Company announcements on 3, 4 and 17 September, the Demant Group experienced a critical incident on our internal IT infrastructure on 3 September 2019. The Group’s IT infrastructure was hit by cyber-crime.” ” reported ComputerWord.

Sales 77

Sales Ransomware Retail Insurance 77

IT Governance

DECEMBER 5, 2023

IT Governance’s research has found the following for November 2023: 470 publicly disclosed security incidents. It usually also involved temporarily taking down systems to limit the impact of the security breach. Note: This includes security incidents where we know no records were breached.

Data breaches 113

Data breaches Ransomware Access Security 113

IT Governance

JANUARY 4, 2021

We logged 134 security incidents in December, which accounted for 148,354,955 breached records. What else would you expect from the final month of 2020 than the highest number of publicly disclosed incidents we’ve ever recorded? That brings the total for 2020 to more than 20 billion.

Data breaches 116

Data breaches Ransomware Energy and Utilities Computer and Electronics 116

ForAllSecure

MAY 17, 2023

Chris Gray of Deep Watch talks about the view from the inside of a virtual SOC, the ability to see threats against a large number of SMB organizations, and the changes to cyber insurance we’re seeing as a result. A lot of SMBs do not have security operations centers or SOCs. They can provide that additional security, remotely.

Insurance 40

Insurance Privacy Ransomware GDPR 40

IT Governance

FEBRUARY 21, 2019

This week, we discuss a security flaw affecting 1Password, Dashlane, KeePass and LastPass; the prevalence of historic vulnerabilities in corporate IT systems; the increase in formjacking attacks; and Wendy’s $50 million data breach settlement. Hello, and welcome to the IT Governance podcast for Thursday, 21 February 2019.

Passwords 76

Passwords Data breaches Retail Government 76

IT Governance

JANUARY 3, 2024

billion records The security researcher Jeremiah Fowler discovered an unprotected database exposing more than 1.5 Fowler contacted the company, which secured the database. The security researcher Bob Diachenko identified the leak in September and contacted TuneFab, which fixed the misconfiguration within 24 hours.

Data Privacy 107

Data Privacy Insurance Manufacturing Retail 107

Data Protection Report

MAY 17, 2019

The bill would have made three significant changes to the CCPA: It would have expanded the consumer’s private right of action from only certain security breaches to any violation of the CCPA. Clarifies non-discrimination provision to allow retail loyalty programs. Exempts “insurance institutions, agents, and support organizations”.

Retail 40

Retail Privacy Insurance Manufacturing 40

IT Governance

APRIL 9, 2024

Kid Security breached again: children’s live GPS locations exposed on the Internet Last November , the parental control app Kid Security, which allows parents to monitor and control their children’s online safety, was found to have exposed more than 300 million records via misconfigured Elasticsearch and Logstash instances.

Data Privacy 52

Data Privacy Privacy Security Manufacturing 52

IT Governance

MARCH 5, 2024

Publicly disclosed data breaches and cyber attacks: in the spotlight Millions of Pure Incubation Ventures records listed on hacking forum 183,754,481 records apparently belonging to the venture capital and private equity group Pure Incubation Ventures have been listed for sale on a hacking forum. The claim is yet to be verified.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

APRIL 22, 2024

Publicly disclosed data breaches and cyber attacks: in the spotlight Criminal hackers threaten to leak World-Check screening database A criminal group known as GhostR claims to have stolen 5.3 Compromised data includes names, passport numbers, Social Security numbers, online crypto account identifiers and bank account numbers.

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

IT Governance

FEBRUARY 27, 2024

The breached data includes names, addresses, emails, phone numbers, dates of birth, and financial account and Social Security numbers. The breached data may include names, Social Security numbers and health insurance information. GB Tiete Automobile Source (New) Retail Brazil Yes 68.5

Data Privacy 52

Data Privacy Manufacturing Privacy Data breaches 52