2020, Information Security, Insurance and IT - Information Management Today

The FCC imposes $200 million in fines on four US carriers for unlawfully sharing user location data

Security Affairs

APRIL 29, 2024

The fines come as a result of the Notices of Apparent Liability (NAL) issued by the FCC against AT&T, Sprint, T-Mobile, and Verizon in February 2020. Verizon , on the other hand, faces a proposed fine exceeding $48 million, and Sprint faces a proposed fine of more than $12 million due to the actions taken by the FCC.

Insurance

Insurance Communications Access IT

Thousands of Humana customers have their medical data leaked online by threat actors

Security Affairs

JULY 21, 2021

Experts found a DB containing sensitive health insurance data belonging to customers of US insurance giant Humana. An SQL database containing what appears to be highly sensitive health insurance data of more than 6,000 patients has been leaked on a popular hacker forum. Drug prescription listings). Who had access to the data?

Insurance

Insurance Passwords Libraries Access

The Week in Cyber Security and Data Privacy: 30 October – 5 November 2023

IT Governance

NOVEMBER 6, 2023

According to the security company Resecurity , which discovered the listing, the data included victims’ name, age, gender, address, passport number and Aadhaar number (a 12-digit government identification number). It secured its systems, notified law enforcement and began investigating the incident.

Data Privacy

Data Privacy Privacy Libraries Security

New York SHIELD Act $600,000 settlement

Data Protection Report

FEBRUARY 8, 2022

In total, information for approximately 2.1 million individuals was exposed, including approximately 98,632 New Yorkers.The AG began an investigation based on New York’s Executive Law § 63(12) [deception] and General Business Law §§ 349 [deception] and 899-bb. EyeMed blocked the threat actor’s access on July 1.

Passwords

Passwords Financial Services Authentication Insurance

FDIC, FRB and OCC Issue Interagency Guidance on Third-Party Relationships

Hunton Privacy

JUNE 13, 2023

On June 6, 2023, the Federal Deposit Insurance Corporation (“FDIC”), the Board of Governors of the Federal Reserve System (“FRB”) and the Office of the Comptroller of the Currency (“OCC”) issued their final Interagency Guidance on Third-Party Relationships (“Guidance”).

Risk

Risk Insurance Compliance Information Security

NYDFS settles cybersecurity regulation matter for $3 million

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. NSC), relating to violations of three different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2020. NYDFS Cybersecurity Regulation.

Cybersecurity

Cybersecurity Financial Services Phishing Compliance

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

The Week in Cyber Security and Data Privacy: 13 – 19 November 2023

IT Governance

NOVEMBER 20, 2023

According to databreaches.net , the group exfiltrated tenant information, service management information, financial data, business data, property data, employee data and sensitive business information. For more information about the SEC cyber security disclosure rules, register for our free webinar on 30 November.)

Data Privacy

Data Privacy Privacy Data breaches Security

US-based children’s clothing maker Hanna Andersson discloses a data breach

Security Affairs

JANUARY 21, 2020

Hanna Andersson started informing its customers via email, the company was informed by law enforcement on December 5 that data related to credit cards used by its customers on its websites were available for sale on the dark web. Name, address, billing information, and credit card info is thought to be compromised.

Data breaches

Data breaches Retail Cloud Insurance

How are the EU member states progressing in their implementation of the NIS Directive?

IT Governance

APRIL 10, 2019

On 6 July 2016, the EU officially adopted the NIS Directive (Directive on security of network and information systems) and gave each EU member state just under two years to implement its requirements into national law. Implementation status : Transposed, as The Security of Network and Information Systems Law of 2018.

Compliance

Compliance Information Security Government Insurance

SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon

Data Matters

FEBRUARY 10, 2022

Stay Up to Date on SEC Alerts Related to Cybersecurity: For instance, in 2020 the Division of Examinations published three alerts related to cybersecurity (OCIE Cybersecurity and Resiliency Practices; Ransomware Alert; and Safeguarding Client Accounts against Credential Compromise). Best Practices for Public Companies. s software.

Cybersecurity

Cybersecurity Marketing Risk Compliance

List of Data Breaches and Cyber Attacks in 2023

IT Governance

JUNE 1, 2023

Meanwhile, you can subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox. IT Governance is dedicated to helping organisations tackle the threat of cyber crime and other information security weaknesses.

Data breaches

Data breaches Insurance Personal data Ransomware

2019 end-of-year review part 1: January to June

IT Governance

DECEMBER 27, 2019

A royal baby, a fire at Notre-Dame, the highest grossing film of all time and more than 12 billion breached data records: 2019 has been quite a year. IT Governance is closing out the year by rounding up 2019’s biggest information security stories. Part one covers January to June, and will be followed by part in the coming days.

Data breaches

Data breaches GDPR Passwords Personal data

Researchers shared the lists of victims of SolarWinds hack

Security Affairs

DECEMBER 22, 2020

link] pic.twitter.com/40VfXuR6JI — RedDrip Team (@RedDrip7) December 16, 2020. Truesec researchers speculate that threat actors might have exfiltrated a massive amount of highly confidential information from multiple organizations. College of Law and Business, Israel NetBios HTTP Backdoor 2020-05-26 ad001.mtk.lo

Communications

Communications Manufacturing Financial Services Insurance

Fragomen law firm data breach exposed Google employee’s data

Security Affairs

OCTOBER 27, 2020

The security breach exposed current and former Google employees’ personal information after an unauthorized third party gained access to a single file containing personal information relating to I-9 employment verification services. “We recently became aware of suspicious activity within our computer network.

Data breaches

Data breaches Insurance Access Security

Top Cybersecurity Startups to Watch in 2022

eSecurity Planet

JANUARY 11, 2022

Information security products , services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. With evolving attack methodologies due to machine learning, quantum computing, and sophisticated nation-state hackers, security startups are receiving record funding.

Cybersecurity

Cybersecurity Cloud Compliance Analytics

Information Management Today

The FCC imposes $200 million in fines on four US carriers for unlawfully sharing user location data

Thousands of Humana customers have their medical data leaked online by threat actors

Trending Sources

The Week in Cyber Security and Data Privacy: 30 October – 5 November 2023

New York SHIELD Act $600,000 settlement

FDIC, FRB and OCC Issue Interagency Guidance on Third-Party Relationships

NYDFS settles cybersecurity regulation matter for $3 million

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

The Week in Cyber Security and Data Privacy: 13 – 19 November 2023

US-based children’s clothing maker Hanna Andersson discloses a data breach

How are the EU member states progressing in their implementation of the NIS Directive?

SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon

List of Data Breaches and Cyber Attacks in 2023

2019 end-of-year review part 1: January to June

Researchers shared the lists of victims of SolarWinds hack

Fragomen law firm data breach exposed Google employee’s data

Top Cybersecurity Startups to Watch in 2022

Stay Connected