2019, Information Security, Insurance and IT - Information Management Today

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Data Matters

JANUARY 14, 2019

On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. The Act is designed to “establish standards for data security and for the investigation and notification to the Superintendent of Insurance of a cybersecurity event.”.

Insurance

Insurance Security Cybersecurity Data breaches

UK cyber crime rate has doubled in the past five years

IT Governance

JULY 6, 2020

Beaming’s Five Years in Cyber Security found that 1.5 million organisations fell victim to cyber crime in 2019. On the plus side, the average cost of breaches has fallen from £26,000 per incident in 2015 to £6,000 in 2019 – although that’s offset by the increase in the overall number of incidents.

Information Security

Information Security Phishing IoT Insurance

Ransomware attack on MGM Resorts costs $110 Million

Security Affairs

OCTOBER 6, 2023

The company paid third-party experts $10 million to clean up its systems. “The Company has also incurred less than $10 million in one-time expenses in the third quarter related to the cybersecurity issue, which consisted of technology consulting services, legal fees and expenses of other third party advisors.”

Ransomware

Ransomware Insurance Cybersecurity IT

NYDFS settles cybersecurity regulation matter for $1.8 million

Data Protection Report

JUNE 2, 2021

million settlement with two related insurance companies, relating to violations of two different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2019. This matter began when insurance affiliate #1, licensed by NYDFS, discovered a phishing email in September of 2018. NYDFS Cybersecurity Regulation.

Cybersecurity

Cybersecurity Insurance Financial Services Phishing

$10,000,000 civil penalty for disclosing personal data without consent

Data Protection Report

APRIL 30, 2024

As part of the order, the company agreed to post “clearly and conspicuously” on its websites and apps for the next two years: Between October 2019 and [date], we shared the personal of information of consumers visiting our website and apps with other companies without their permission.

Personal data

Personal data Privacy Information governance Compliance

List of data breaches and cyber attacks in February 2019 – 692,853,046 records leaked

IT Governance

FEBRUARY 26, 2019

I count this month’s total of leaked records to be 692,853,046, bringing 2019’s total to 2,462,038,109. Eskom data leak exposes sensitive customer information – Security researcher. Outdated software left municipal worker information exposed in 200 towns. Crosby ISD’s IT system hacked by ransomware virus.

Data breaches

Data breaches Sales Phishing Ransomware

Volkswagen discloses data breach, 3.3 million customers impacted

Security Affairs

JUNE 12, 2021

The security breach affected a subsidiary Audi and authorized dealers in the U.S. According to a letter sent by the company to the Maine Attorney General and reported by TechCrunch , the subsidiary company left customer data spanning 2014 to 2019 unsecured online between August 2019 and May 2021. million of its customers.

Data breaches

Data breaches Sales Insurance Marketing

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Data Matters

JUNE 24, 2021

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. SEC Statement and Guidance on Public Company Cybersecurity Disclosures.

Cybersecurity

Cybersecurity Financial Services Risk Compliance

The Week in Cyber Security and Data Privacy: 13 – 19 November 2023

IT Governance

NOVEMBER 20, 2023

According to databreaches.net , the group exfiltrated tenant information, service management information, financial data, business data, property data, employee data and sensitive business information. For more information about the SEC cyber security disclosure rules, register for our free webinar on 30 November.)

Data Privacy

Data Privacy Privacy Data breaches Security

Privacy and Cybersecurity Top 10 for 2018

Data Matters

JANUARY 2, 2018

As we begin this New Year, here is list of the top 10 privacy and cybersecurity issues for 2018: EU GDPR. Smaller infringements, such as an organization’s failure to have their records in order, could result in fines of up to 2 percent of annual global turnover or €10 million (whichever is greater). persons. Safe Harbor.

Cybersecurity

Cybersecurity Privacy Data breaches GDPR

SeaChange video delivery provider discloses REVIL ransomware attack

Security Affairs

SEPTEMBER 10, 2020

These images include a screenshot of folders on a SeaChange server compromised by the gang, insurance certificates, a driver’s license, and a cover letter for a proposal sent to the Pentagon. “In the first quarter of fiscal 2021, we experienced a ransomware attack on our information technology system,” reads the report.

Ransomware

Ransomware Data breaches Insurance Encryption

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

SilverTerrier gang uses COVID-19 lures in BEC attacks against healthcare, government organizations

Security Affairs

MAY 9, 2020

BEC attacks continue to threaten organizations worldwide, according to the last Internet Crime Complaint Center (IC3) report , the FBI recorded 23,775 BEC attacks in 2019 that resulted in an estimated US$1.77 30), we have observed three SilverTerrier actors/groups launch a series of 10 COVID-19 themed malware campaigns.”

Government

Government Energy and Utilities Insurance Phishing

Weekly podcast: Password managers, unpatched vulnerabilities, formjacking and Wendy’s

IT Governance

FEBRUARY 21, 2019

This week, we discuss a security flaw affecting 1Password, Dashlane, KeePass and LastPass; the prevalence of historic vulnerabilities in corporate IT systems; the increase in formjacking attacks; and Wendy’s $50 million data breach settlement. Hello, and welcome to the IT Governance podcast for Thursday, 21 February 2019.

Passwords

Passwords Data breaches Retail Government

Lake City agreed to pay $500,000 in ransom, is the second case in Florida in a week

Security Affairs

JUNE 26, 2019

Lake City is a small city in Florida with a population of 65,000 that was hit by ransomware earlier on June 10. “On Monday June 10th, 2019, the City of Lake City was targeted by a malware attack known as ‘Triple Threat.'” ” states the press release published by the city.

Ransomware

Ransomware Insurance Government IT

Medical info of 49,351 patients exposed in Alomere Health hospital breach

Security Affairs

JANUARY 7, 2020

Exposed data include names, addresses, dates of birth, medical record numbers, health insurance information and diagnosis and treatment details information. Attackers also accessed Social Security numbers and driver’s license numbers for some patients. .

Insurance

Insurance Access Security IT

Alabama Hospital chain paid ransom to resume operations after ransomware attack

Security Affairs

OCTOBER 13, 2019

The hospital chain hasn’t revealed the amount it has paid to the crooks to decrypt the data, it seems that an insurance covered the cost. The hospital chain hasn’t revealed the amount it has paid to the crooks to decrypt the data, it seems that an insurance covered the cost. ” continues the post.

Ransomware

Ransomware Insurance Paper Government

1M compromised cards available for free in the underground market

Security Affairs

AUGUST 8, 2021

All material from 2018-2019. Figure 5 – Screenshot from Group-IB Threat Intelligence & Attribution system Nevertheless, according to Group-IB’s findings, despite the post author’s claim that the cards were compromised from 2018-2019, 97% of the records in the database are still valid. Valid at 3%.

Marketing

Marketing Sales IT Insurance

OCR Provides Insight into Enforcement Priorities and Breach Trends

HL Chronicle of Data Protection

OCTOBER 21, 2019

Regulators, industry experts, and researchers provided insight into health privacy and security enforcement trends, emerging threats, and new tools at a recent conference focused on the Health Insurance Portability and Accountability (HIPAA) regulatory framework. OCR chooses cases based on perceived importance and message.

Risk

Risk Compliance Privacy Phishing

SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon

Data Matters

FEBRUARY 10, 2022

Establish and Implement Proper Policies and Procedures: The orders against First American and Pearson highlight the importance of maintaining policies and procedures for the reporting of security incidents and patching as well as the proper training of personnel under these policies and procedures. s software.

Cybersecurity

Cybersecurity Marketing Risk Compliance

List of Data Breaches and Cyber Attacks in 2023

IT Governance

JUNE 1, 2023

Meanwhile, you can subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox. IT Governance is dedicated to helping organisations tackle the threat of cyber crime and other information security weaknesses.

Data breaches

Data breaches Insurance Personal data Ransomware

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

NOVEMBER 29, 2019

Group-IB, has analyzed key recent changes to the global cyberthreat landscape in the “Hi-Tech Crime Trends 2019/2020” report. According to Group-IB’s experts, the most frustrating trend of 2019 was the use of cyberweapons in military operations. As for 2019, it has become the year of covert military operations in cyberspace.

IT

IT Military Cybersecurity Phishing

Top Cybersecurity Startups to Watch in 2022

eSecurity Planet

JANUARY 11, 2022

Information security products , services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. With evolving attack methodologies due to machine learning, quantum computing, and sophisticated nation-state hackers, security startups are receiving record funding.

Cybersecurity

Cybersecurity Cloud Compliance Analytics

CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

KnowBe4

MARCH 14, 2023

CyberheistNews Vol 13 #11 | March 14th, 2023 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears Robert Lemos at DARKReading just reported on a worrying trend. In a recent report, data security service Cyberhaven detected and blocked requests to input data into ChatGPT from 4.2%

Phishing

Phishing Security Artificial Intelligence Security awareness

Information Management Today

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

UK cyber crime rate has doubled in the past five years

Trending Sources

Ransomware attack on MGM Resorts costs $110 Million

NYDFS settles cybersecurity regulation matter for $1.8 million

$10,000,000 civil penalty for disclosing personal data without consent

List of data breaches and cyber attacks in February 2019 – 692,853,046 records leaked

Volkswagen discloses data breach, 3.3 million customers impacted

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

The Week in Cyber Security and Data Privacy: 13 – 19 November 2023

Privacy and Cybersecurity Top 10 for 2018

SeaChange video delivery provider discloses REVIL ransomware attack

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

SilverTerrier gang uses COVID-19 lures in BEC attacks against healthcare, government organizations

Weekly podcast: Password managers, unpatched vulnerabilities, formjacking and Wendy’s

Lake City agreed to pay $500,000 in ransom, is the second case in Florida in a week

Medical info of 49,351 patients exposed in Alomere Health hospital breach

Alabama Hospital chain paid ransom to resume operations after ransomware attack

1M compromised cards available for free in the underground market

OCR Provides Insight into Enforcement Priorities and Breach Trends

SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon

List of Data Breaches and Cyber Attacks in 2023

Group-IB presents its annual report on global threats to stability in cyberspace

Top Cybersecurity Startups to Watch in 2022

CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

Stay Connected