Information Security, Insurance and Manufacturing

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

Security Affairs

JANUARY 6, 2024

Merck has resolved a dispute with insurers regarding a $1.4 Merck and its insurers have agreed with a $1.4 It is one of the largest pharmaceutical companies globally, engaged in the research, development, manufacturing, and marketing of a wide range of healthcare products. billion claim against the insurers.

Insurance

Insurance Healthcare Manufacturing Ransomware

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Security Affairs

APRIL 16, 2024

Nexperia is a semiconductor manufacturer headquartered in Nijmegen, the Netherlands. Gb - NDA The group published a set of files as proof of the security breach and threatens leak all the stolen data if the victim will not pay the ransom. It is a subsidiary of the partially state-owned Chinese company Wingtech Technology.

Ransomware

Ransomware Manufacturing Insurance Cybersecurity

Ransomware attacks break records in 2023: the number of victims rose by 128%

Security Affairs

JANUARY 19, 2024

This group primarily focused its attacks on the construction, manufacturing/industrial, and retail industries. The data shows a shift in ransomware targets over the past three years. Previously dominated by the construction industry, the IT sector now claims the top spot in 2023.

Ransomware

Ransomware Manufacturing Retail Insurance

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Episode 158: How NotPetya has Insurers grappling with Systemic Cyber Risk

The Security Ledger

AUGUST 20, 2019

We talk to Bruce McDonnell of the East West Institute about how insurers are responding. Related Stories Episode 155: Disinformation is a Cyber Weapon and APTs warm to Mobile Malware Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats NotPetya Horror Story Highlights Need for Holistic Security.

Insurance

Insurance Risk Healthcare Manufacturing

McLaren Health Care revealed that a data breach impacted 2.2 million people

Security Affairs

NOVEMBER 10, 2023

Exposed information varied by individual and may include some combination of certain individuals’ names, social Security number, health insurance information, date of birth, and medical information. ” reads the notice of data breach sent to the Maine Attorney General.

Data breaches

Data breaches Ransomware Insurance Manufacturing

Cybersecurity Incident Highlights Questions about Cyber Insurance Coverage

Hunton Privacy

OCTOBER 14, 2014

On October 8, 2014, the Department of Homeland Security reported that over the course of several months, the network of a large critical manufacturing company was compromised. The incident raises some issues for cyber insurance.

Insurance

Insurance Cybersecurity Manufacturing Information Security

Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform

Security Affairs

OCTOBER 4, 2023

Researchers from the cybersecurity firm Menlo Security reported that threat actors exploited an open redirection vulnerability in the job search platform Indeed in phishing attacks. The campaign was observed between July and August, threat actors used the phishing kit ‘ EvilProxy.’

Phishing

Phishing Insurance Manufacturing Authentication

Belden discloses data breach as a result of a cyber attack

Security Affairs

NOVEMBER 25, 2020

Belden, the manufacturer of networking and cable products, disclosed a data breach, threat actors have stolen employee and business information. The company said the breach did not impact operations at manufacturing plants, quality control or shipping, it added that attackers only had access to a “limited number” of company servers.

Data breaches

Data breaches Manufacturing Insurance Access

A massive phishing campaign using QR codes targets the energy sector

Security Affairs

AUGUST 16, 2023

Other top 4 targeted industries include Manufacturing, Insurance, Technology, and Financial Services seeing 15%, 9%, 7%, and 6% of the campaign traffic respectively.” Experts warn that the Energy sector was a major focus of this campaign, followed by manufacturing, and insurance. ” continues the report.

Phishing

Phishing Energy and Utilities Insurance Manufacturing

SSL Bugs Likely to Have Insurance Coverage Implications

Hunton Privacy

FEBRUARY 28, 2014

Hunton & Williams Insurance Litigation & Counseling partner Lon Berk reports: The recently publicized Secure Sockets Layer (“SSL”) bug affecting Apple Inc. products raises a question regarding insurance coverage that is likely to become increasingly relevant as “The Internet of Things” expands.

Insurance

Insurance Manufacturing Risk Security

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

In the video, the REvil representative stated that the most desirable targets for the group were agriculture companies, manufacturers, insurance firms, and law firms. The REvil actor claimed that on average roughly one in three of its victims agrees to pay an extortion fee.

Ransomware

Ransomware Security Agriculture Cybersecurity

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Security Affairs

DECEMBER 1, 2023

A joint research by Elliptic and Corvus Insurance revealed that the group accumulated at least $107 million in Bitcoin ransom payments since early 2022. ” Most of the victims are in the manufacturing, engineering and construction, and retail sectors. The average ransom payment was $1.2 61,9% of the victims are in the US, 15.8%

Ransomware

Ransomware Blockchain Retail Insurance

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

Security Affairs

FEBRUARY 28, 2024

BlackCat/ALPHV ransomware gang has been active since November 2021, the list of its victims is long and includes industrial explosives manufacturer SOLAR INDUSTRIES INDIA , the US defense contractor NJVC , gas pipeline Creos Luxembourg S.A. , the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware

Ransomware Government Insurance Manufacturing

US. rail and locomotive company Wabtec hit with Lockbit ransomware

Security Affairs

JANUARY 4, 2023

It manufactures products for locomotives, freight cars and passenger transit vehicles, and builds new locomotives up to 6,000 horsepower. rail and locomotive company Wabtec Corporation disclosed a data breach after it was hit with Lockbit ransomware attack. The company employs approximately 25,000 people and has 50 plants all over the world.

Ransomware

Ransomware Insurance Data breaches Manufacturing

Nice Suzuki, sport: shame dealer left your data up for grabs

Security Affairs

JULY 21, 2023

Cybernews research team discovered that two Suzuki-authorized dealer websites were leaking customers’ sensitive information. Suzuki or otherwise, buying a new vehicle is an intense experience with complicated credit, insurance, documentation, and contracts. Rarely do car manufacturers sell their cars directly.

Manufacturing

Manufacturing Phishing Access Insurance

Ransomware infected systems at Xchanging, a DXC subsidiary

Security Affairs

JULY 6, 2020

Xchanging is a business process and technology services provider and integrator, which provides technology-enabled business services to the commercial insurance industry. Xchanging is primarily an insurance managed services business that operates on a standalone basis.”

Ransomware

Ransomware Insurance Financial Services Manufacturing

Trojanized Comm100 Live Chat app installer distributed a JavaScript backdoor

Security Affairs

OCTOBER 4, 2022

The malicious installer was used to infect organizations in multiple sectors, including the industrial, healthcare, technology, manufacturing, insurance and telecommunications sectors in North America and Europe. The attack took place from at least September 27, 2022 through the morning of September 29, 2022.

Metadata

Metadata Insurance Manufacturing Communications

The Week in Cyber Security and Data Privacy: 16–22 October 2023

IT Governance

OCTOBER 24, 2023

D-Link Corporation Provides Details about an Information Disclosure Security Incident Date of breach: 2 October 2023. Breached organisation: D-Link Corporation, Taiwanese networking equipment manufacturer. Casio Issues Apology and Notice Concerning Personal Information Leak Date of breach: 11 October 2023.

Data Privacy

Data Privacy Privacy Security Data breaches

New RA Group ransomware gang is the latest group using leaked Babuk source code

Security Affairs

MAY 15, 2023

Compromised organizations operate in different business verticals, including manufacturing, wealth management, insurance providers, and pharmaceuticals. The researchers noticed that the path contains the same mutex name as the Babuk ransomware, a circumstance that suggests the malware borrows Babuk’s leaked source code.

Ransomware

Ransomware Encryption Healthcare Insurance

US pharmacy outage caused by Blackcat ransomware attack on Optum Solutions

Security Affairs

FEBRUARY 27, 2024

Optum Solutions is a subsidiary of UnitedHealth Group, a leading health insurance company in the United States. “On February 21, 2024, UnitedHealth Group (the “Company”) identified a suspected nation-state associated cyber security threat actor had gained access to some of the Change Healthcare information technology systems.

Ransomware

Ransomware Government Insurance Manufacturing

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

According to the notice published on the website of the OAG on August 07, 2023, exposed personal information includes names, addresses, social security information, health information, and health insurance information. The Dallas City Council has approved a budget of $8.5

Ransomware

Ransomware Encryption Systems administration Cybersecurity

The hidden threats facing your intellectual property

IT Governance

SEPTEMBER 4, 2018

For life sciences and pharmaceutical companies, this includes data on the development and testing of new therapies and details of how therapies are manufactured. Last year, private healthcare giant BUPA suffered a breach affecting 108,000 health insurance policies when a rogue employee copied and removed information from the organisation.

Healthcare

Healthcare Insurance Manufacturing Risk

Multinational ICICI Bank leaks passports and credit card numbers

Security Affairs

APRIL 20, 2023

ICICI Bank’s response Threat to financial accounts Finance and insurance are one of the most targeted industries by cybercriminals. Last year, with a total share of 18% of all cyberattacks, it was the second most targeted industry, following manufacturing.

Personal data

Personal data Phishing Risk Financial Services

Luxottica data breach exposes info of LensCrafters and EyeMed patients

Security Affairs

NOVEMBER 8, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. For some patients, exposed information included credit card numbers and social security numbers.

Data breaches

Data breaches Insurance Retail Ransomware

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

.” PIONEER KITTEN hackers to date have focused their attacks against entities in North American and Israeli, while targeted sectors include technology, government, defense, healthcare, aviation, media, academic, engineering, consulting and professional services, chemical, manufacturing, financial services, insurance, and retail. .

Access

Access Financial Services Retail Insurance

List of Data Breaches and Cyber Attacks in February 2023 – 29.5 Million Records Breached

IT Governance

MARCH 1, 2023

IT Governance is dedicated to helping organisations tackle the threat of cyber crime and other information security weaknesses. It follows a mammoth start to the year, with more than 277 million breached records in January , and brings the running total for the year to over 300 million pieces of compromised personal data.

Data breaches

Data breaches Ransomware e-Delivery Government

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

IT Governance

MARCH 1, 2022

In the midst of all this, organisations across Europe have reported delays as a result of alleged state-sponsored attacks – including Toyota’s Japanese plants and a kettle manufacturer in the Isle of Man.

Data breaches

Data breaches Ransomware Government Blockchain

Government survey reveals GDPR awareness is falling short

IT Governance

FEBRUARY 8, 2018

Of the businesses surveyed, those in the finance and insurance industries had the highest levels of awareness (79%), followed by information and communications (67%) and education (52%). The industries with the least awareness were construction (25%) and production and manufacturing (27%). Are your staff aware of the GDPR?

GDPR

GDPR Government Education Compliance

NHTSA Releases New Automobile Cybersecurity Best Practices

Hunton Privacy

OCTOBER 28, 2016

The National Highway Safety Administration (“NHTSA”) recently issued non-binding guidance that outlines best practices for automobile manufacturers to address automobile cybersecurity. According to the NHTSA, the Cybersecurity Guidance is “non-binding guidance” that contains “voluntary best practices” to improve motor vehicle cybersecurity.

Cybersecurity

Cybersecurity Energy and Utilities Manufacturing Insurance

Prometei botnet is targeting ProxyLogon Microsoft Exchange flaws

Security Affairs

APRIL 26, 2021

Prometei has been observed to be active in systems across a variety of industries, including: Finance, Insurance, Retail, Manufacturing, Utilities, Travel, and Construction.” . “The victimology is quite random and opportunistic rather than highly targeted, which makes it even more dangerous and widespread.

Mining

Mining Retail Insurance Manufacturing

China: Navigating China episode 18: Increased scrutiny over connected car and automobile industry data from Chinese regulators, including push towards data localisation

DLA Piper Privacy Matters

JUNE 4, 2021

This is a reminder for the automobile industry – and its supporting industries and insurers – to ensure a robust compliance framework to protect that data, and to reconsider processing of such data outside of China.

Big data

Big data Compliance Personal data Insurance

US CISA and FBI publish joint alert on DarkSide ransomware

Security Affairs

MAY 13, 2021

US agencies warn that groups employed DarkSide ransomware in attacks aimed at organizations across various Critical Infrastructure sectors, including manufacturing, legal, insurance, healthcare, and energy. “Our goal is to make money, and not creating problems for society,” reads a statement from the group.

Ransomware

Ransomware Phishing Encryption Risk

China Publishes Draft Regulations on Protecting the Security of Key Information Infrastructure

Hunton Privacy

JULY 11, 2017

To be counted as “key information infrastructure,” however, the infrastructure must still meet the criterion that severe endangerment of national security, the national economy and the people’s livelihood and the public interest would result if the infrastructure suffers destruction, loss of functionality or leakage of data.

Energy and Utilities

Energy and Utilities Security Cybersecurity Manufacturing

Data security: Why a proactive stance is best

IBM Big Data Hub

JULY 7, 2023

IBM Security X-Force found the most common threat on organizations is extortion, which comprised more than a quarter (27%) of all cybersecurity threats in 2022. Thirty percent of those incidents occurred in manufacturing organizations. Here are some data security measures that every organization should strongly consider implementing.

Security

Security Data breaches Data Privacy Compliance

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

Source (New) Transport USA Yes 3,815 Okta Source 1 ; source 2 (Update) Cyber security USA Yes 3,800 Shah Dixit & Associates, P.C. Source (New) Finance USA Yes 3,494 Woodruff Sawyer Source (New) Insurance USA Yes 3,087 Blackburn College Source (New) Education USA Yes 3,039 CAIRE Inc. Organisation(s) Sector Location Data breached?

Data Privacy

Data Privacy Privacy Security Data breaches

Top GRC Tools & Software for 2021

eSecurity Planet

JANUARY 21, 2021

The Riskonnect GRC platform has specific use cases for risk management, information security, compliance, and audit professionals in healthcare, retail, insurance, financial services, and manufacturing. Insurance & claims management. See our in-depth look at LogicManager. Riskonnect. Back to top. Back to top.

Compliance

Compliance Risk Government Retail

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

The Riskonnect GRC platform has specific use cases for risk management, information security, compliance, and audit professionals in healthcare, retail, insurance, financial services, and manufacturing. Insurance & claims management. See our in-depth look at LogicManager. Riskonnect. Back to top. Back to top.

Compliance

Compliance Risk Government Retail

OCR Provides Insight into Enforcement Priorities and Breach Trends

HL Chronicle of Data Protection

OCTOBER 21, 2019

Regulators, industry experts, and researchers provided insight into health privacy and security enforcement trends, emerging threats, and new tools at a recent conference focused on the Health Insurance Portability and Accountability (HIPAA) regulatory framework.

Risk

Risk Compliance Privacy Phishing

2019 end-of-year review part 1: January to June

IT Governance

DECEMBER 27, 2019

IT Governance is closing out the year by rounding up 2019’s biggest information security stories. There are plenty of cases where the extent of a breach isn’t known until the information resurfaces years later (as you might recall from Yahoo’s security meltdown ).

Data breaches

Data breaches GDPR Passwords Personal data

The Top 5 Reasons to Use an API Management Platform

Security Affairs

NOVEMBER 20, 2023

Over the course of his 20+ years of IT and Security, Ross has served in a variety of operations and infosec roles for companies in the manufacturing, healthcare, real estate, business insurance, and technology sectors. He holds (ISC)2’s SSCP along with CompTIA’s Pentest+ and Security+ certifications, a B.S.

Authentication

Authentication Risk Government Compliance

Forescout Platform: NAC Product Review

eSecurity Planet

APRIL 7, 2023

combinations Enables automated response to quickly and effectively contain threats based upon policy from moderate (move to guest network, assign to self-remediation VLAN, apply OS updates/patches, etc.) to stringent (quarantine assets, turn off switch port, block access, disable network card, etc.)

IoT

IoT Compliance Cloud Access

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

IT Governance

APRIL 29, 2024

Source (New) Manufacturing Taiwan Yes 4,715,133 Mustafa Centre Source 1 ; source 2 (Update) Retail Singapore Yes >3,5000,000 TRAXERO Source (New) Software USA Yes 2,634,753 Piping Rock Health Products Source 1 ; source 2 ; source 3 (New) Manufacturing USA Yes 2,103,100 FBCS, Inc.

Data Privacy

Data Privacy Privacy Manufacturing Security

Researchers shared the lists of victims of SolarWinds hack

Security Affairs

DECEMBER 22, 2020

Fidelity Communications (ISP) NetBios HTTP Backdoor 2020-06-02 fisherbartoninc.com The Fisher Barton Group (Blade Manufacturer) NetBios HTTP Backdoor 2020-05-15 fmtn.ad TE Connectivity (Sensor manufacturer) NetBios HTTP Backdoor 2020-05-13 thx8xb NetBios HTTP Backdoor 2020-06-16 tx.org NetBios HTTP Backdoor 2020-07-15 usd373.org

Communications

Communications Manufacturing Financial Services Insurance

Q&A: NIST’s new ‘Enterprise Risk Management’ guidelines push cyber risks to board level

The Last Watchdog

JUNE 1, 2020

And they might look into getting insurance to transfer at least some of this risk. LW: How ready is the insurance industry to supply policies to cover cyber risks enterprises may increasingly look to transfer – as they integrate cyber risk into ERM planning? Clinton: The insurance industry is large, complex and diversified.

Risk

Risk Insurance Cybersecurity Marketing

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Webinars

Trending Sources

Ransomware attacks break records in 2023: the number of victims rose by 128%

Webinars

Episode 158: How NotPetya has Insurers grappling with Systemic Cyber Risk

McLaren Health Care revealed that a data breach impacted 2.2 million people

Cybersecurity Incident Highlights Questions about Cyber Insurance Coverage

Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform

Belden discloses data breach as a result of a cyber attack

A massive phishing campaign using QR codes targets the energy sector

SSL Bugs Likely to Have Insurance Coverage Implications

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

US. rail and locomotive company Wabtec hit with Lockbit ransomware

Nice Suzuki, sport: shame dealer left your data up for grabs

Ransomware infected systems at Xchanging, a DXC subsidiary

Trojanized Comm100 Live Chat app installer distributed a JavaScript backdoor

The Week in Cyber Security and Data Privacy: 16–22 October 2023

New RA Group ransomware gang is the latest group using leaked Babuk source code

US pharmacy outage caused by Blackcat ransomware attack on Optum Solutions

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

The hidden threats facing your intellectual property

Multinational ICICI Bank leaks passports and credit card numbers

Luxottica data breach exposes info of LensCrafters and EyeMed patients

Iran-linked APT group Pioneer Kitten sells access to hacked networks

List of Data Breaches and Cyber Attacks in February 2023 – 29.5 Million Records Breached

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

Government survey reveals GDPR awareness is falling short

NHTSA Releases New Automobile Cybersecurity Best Practices

Prometei botnet is targeting ProxyLogon Microsoft Exchange flaws

China: Navigating China episode 18: Increased scrutiny over connected car and automobile industry data from Chinese regulators, including push towards data localisation

US CISA and FBI publish joint alert on DarkSide ransomware

China Publishes Draft Regulations on Protecting the Security of Key Information Infrastructure

Data security: Why a proactive stance is best

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

Top GRC Tools & Software for 2021

Top 10 Governance, Risk and Compliance (GRC) Vendors

OCR Provides Insight into Enforcement Priorities and Breach Trends

2019 end-of-year review part 1: January to June

The Top 5 Reasons to Use an API Management Platform

Forescout Platform: NAC Product Review

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

Researchers shared the lists of victims of SolarWinds hack

Q&A: NIST’s new ‘Enterprise Risk Management’ guidelines push cyber risks to board level

Stay Connected