IT Governance

JUNE 27, 2019

June 2019’s total of 39,713,046 breached records is the lowest since May last year – the month that the GDPR (General Data Protection Regulation) came into effect. Theta360 exposes user-uploaded photos (11 million). Virginia-based insurer Dominion National investigating data breach dating back to 2010 (unknown).

Data breaches 111

Data breaches Personal data Ransomware GDPR 111

Security Affairs

MAY 13, 2020

Magellan Health, a for-profit managed health care and insurance firm, was the victim of a ransomware attack. Magellan Health Inc announced it was the victim of a ransomware attack that took place on April 11, 2020, the company also confirmed that hackers have stolen personal information from one of its corporate servers.

Data breaches 127

Data breaches Ransomware Insurance Passwords 127

Krebs on Security

APRIL 15, 2019

One source familiar with the forensic investigation at a Wipro customer said it appears at least 11 other companies were attacked, as evidenced from file folders found on the intruders’ back-end infrastructure that were named after various Wipro clients. That source declined to name the other clients. “A total of 44.4

IT 269

IT Insurance Communications Phishing 269

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

Data Matters

SEPTEMBER 20, 2021

The National Association of Insurance Commissioners (NAIC) held its Summer 2021 National Meeting (Summer Meeting) August 14-17, 2021. Highlights include, among others, adoption of revised risk-based capital bond factors for life insurers, amendments to SSAP No. NAIC Adopts Revised Risk-Based Capital Bond Factors for Life Insurers.

Insurance 88

Insurance e-Delivery Paper Sales 88

Security Affairs

NOVEMBER 13, 2020

. “The files, which included driver information for licenses issued before February 2019, contained Texas driver license numbers, as well as names, dates of birth, addresses and vehicle registration histories. ” The incident took place on March 11, and the data were secured on August 1.

Data breaches 117

Data breaches Insurance Access Security 117

IT Governance

DECEMBER 27, 2019

A royal baby, a fire at Notre-Dame, the highest grossing film of all time and more than 12 billion breached data records: 2019 has been quite a year. IT Governance is closing out the year by rounding up 2019’s biggest information security stories. Part one covers January to June, and will be followed by part in the coming days.

Data breaches 69

Data breaches GDPR Passwords Personal data 69

Data Matters

DECEMBER 28, 2020

The National Association of Insurance Commissioners (NAIC) held its Fall 2020 National Meeting (Fall Meeting) December 3-9, 2020. NAIC Adopts the Group Capital Calculation Template and Instructions and Related Revisions to the Insurance Holding Company Act. Insurance groups will be exempt from filing a GCC if. groups to non-U.S.

Insurance 68

Insurance Paper Risk Analytics 68

Hunton Privacy

APRIL 30, 2019

The French Data Protection Authority (the “CNIL”) recently published its Annual Activity Report for 2018 (the “Report”) and released its annual inspection program for 2019. Overall, only 11 sanctions were imposed by the CNIL’s Restricted Committee in 2018, including 10 fines. percent compared to the number of complaints in 2017).

GDPR 48

GDPR Personal data Data breaches Marketing 48

The Last Watchdog

APRIL 3, 2019

I had the chance at RSA 2019 to visit with Mike Kiser, global strategist at SailPoint , an Austin, TX-based supplier of IGA services to discuss this. SailPoint, which went public in November 2017, has grown to more than 1000 employees in 30 locations. Compliance matters. As complexity has intensified, so have compliance challenges.

Digital transformation 140

Digital transformation Insurance Compliance Healthcare 140

Security Affairs

JANUARY 21, 2020

According to a joint report published by RiskIQ and FlashPoint in 2019 , some groups are more advanced than others, in particular, the gang tracked as Group 4 appears to be very sophisticated. Forensics experts hired by the company discovered that the malicious code was likely planted on September 16, 2019.

Data breaches 103

Data breaches Retail Cloud Insurance 103

CGI

JANUARY 11, 2019

Fri, 01/11/2019 - 05:39. I thought it was about time we had a ‘glass half full’ perspective on Brexit, as too many Insurers are focussing on downsides at the expense of the opportunities. Insurers are still writing business past March 2019 on the assumption that these policies will still have force across the EU.

Insurance 40

Insurance Marketing Big data Compliance 40

Data Matters

JUNE 24, 2021

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information.

Cybersecurity 68

Cybersecurity Financial Services Risk Compliance 68

IT Governance

OCTOBER 31, 2019

Norfolk and Norwich University Hospital patients furious after their health records sent to the wrong address (11). Louisiana-based health insurance firm Humana notifies customers of privacy breach (500). Auckland woman sent ‘fully identifiable’ mental health notes about another patient (1).

Data breaches 92

Data breaches Ransomware Phishing Retail 92

IT Governance

NOVEMBER 20, 2023

Rackspace ransomware recovery has cost $11 million so far Rackspace has told the SEC that recovering from a ransomware attack last December has cost it $11 million in remediation so far – although half of that amount has been covered by insurance. That’s it for this week’s round-up. We hope you found it useful.

Data Privacy 52

Data Privacy Privacy Data breaches Security 52

IT Governance

JUNE 1, 2021

Doncaster-based One Call Insurance hit by ransomware (unknown) Ransomware attack on Swiss Cloud Computing AG (6,500) Wolfe Eye Clinic victim of Lorenz threat actors (unknown) One of the US’s largest pipelines shuts down to contain cyber security breach (unknown) J. Find out more. Ransomware.

Data breaches 124

Data breaches Ransomware Insurance Energy and Utilities 124

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

eSecurity Planet

JANUARY 11, 2022

Series B Apiiro Security 2019 Tel Aviv, Israel 65 $35.0 Series A BluBracket 2019 Palo Alto, CA 27 $18.5 Series A Cycode 2019 Tel Aviv, Israel 56 $81.0 Series B Open Raven 2019 Los Angeles, CA 45 $19.1 Startup Est Headquarters Staff Funding Funding Type Anvilogic 2019 Palo Alto, CA 34 $14.4 Series B SECURITI.ai

Cybersecurity 142

Cybersecurity Cloud Compliance Analytics 142

Data Matters

AUGUST 24, 2018

The National Association of Insurance Commissioners (NAIC) held its Summer 2018 National Meeting in Boston, Massachusetts, from August 4 to 7, 2018. NAIC Continues its Evaluation of Insurers’ Use of Big Data . The NAIC is also considering insurers’ use of big data in underwriting life insurance products.

Insurance 60

Insurance Big data e-Delivery Risk 60

Hunton Privacy

DECEMBER 3, 2018

It therefore intends to cover standard customer data processing activities carried out by any data controller, except (1) health or educational institutions; (2) banking or similar institutions; (3) insurance companies; and (4) operators subject to approval by the French Online Gambling Regulatory Authority.

GDPR 81

GDPR Personal data Insurance Education 81

eSecurity Planet

APRIL 26, 2022

Company Sector Year Status Vicarius Vulnerability management 2022 Private Dragos ICS and OT security 2021 Private Safeguard Cyber Risk management 2021 Private CyberGRX Risk management 2019 Private Signifyd Fraud protection 2018 Private RedOwl Security analytics 2015 Acquired: Forcepoint. Accel Investments. Andreessen Horowitz (a16z).

Cybersecurity 126

Cybersecurity Cloud Marketing Security 126

HL Chronicle of Data Protection

MAY 7, 2019

Health Insurance Portability and Accountability Act (HIPAA). Date: Wednesday, May 15, 2019. EST. 11:30 a.m. California Consumer Privacy Act (CCPA). Cybersecurity risk management and compliance strategies. Litigation risks and strategies. Time: 12:30 p.m. – 1:30 p.m. – 12:30 p.m.

Risk 40

Risk IT Compliance Privacy 40

Data Matters

SEPTEMBER 18, 2019

These regulatory technical standards were passed into EU law as Commission Delegated Regulation (EU) 2018/389 (the RTS), which entered into effect on September 14, 2019. Examples of MITs given by the EBA include utilities bill payments, TV and mobile phone subscriptions, digital services subscriptions and insurance premium payments.

Authentication 102

Authentication e-Delivery Risk Sales 102

Hunton Privacy

JUNE 16, 2020

On June 11, 2020, the California Senate amended AB-713 to the California Consumer Privacy Act of 2018 (“CCPA”). The Senate’s recent amendments impose new contractual obligations on the use or sale of de-identified information and modify the exemption from the CCPA for information used for public health purposes.

Privacy 71

Privacy Sales Insurance Access 71

IT Governance

JANUARY 30, 2024

Source (New) Retail USA Yes 2,588,849 Keenan & Associates Source 1 ; source 2 (Update) Insurance USA Yes 1,509,616 AGC Group Source (New) Manufacturing Japan Yes 1.5 Responses must be submitted by 11:59 pm on Tuesday, 19 March 2024. TB Four Hands Source (New) Manufacturing USA Yes 1.5 Source (New) Non-profit USA Yes 25,908.62

Data Privacy 52

Data Privacy Retail Privacy Manufacturing 52

Adam Levin

NOVEMBER 23, 2020

You might also want to check with your insurance company, financial institution and/or employer to see if they offer products and services to get you through an identity-related incident. According to the Better Business Bureau, 37.9% of all reports to the BBB Scam Tracker “were online purchase scams, up from 24.3% On top of that, 80.5%

Retail 95

Retail Passwords Insurance Phishing 95

Security Affairs

AUGUST 8, 2021

All material from 2018-2019. Figure 5 – Screenshot from Group-IB Threat Intelligence & Attribution system Nevertheless, according to Group-IB’s findings, despite the post author’s claim that the cards were compromised from 2018-2019, 97% of the records in the database are still valid. Valid at 3%.

Marketing 127

Marketing Sales IT Insurance 127

eSecurity Planet

FEBRUARY 16, 2021

In 2019, Danish company Demant paid $85 million after losing access to 22,000 computers in 40 countries. In 2019, the municipal government of New Orleans was forced to declare a state of emergency and paid over $7 million. Microsegmentation is the ultimate solution to stopping lateral movement. Adaptive Monitoring and Tagging.

Ransomware 97

Ransomware Encryption Insurance Cloud 97

IT Governance

MAY 2, 2019

A third of businesses and a fifth of charities were hit by a cyber attack or data breach in the past year, the UK government’s Cyber Security Breaches Survey 2019 has found. More medium-sized (31% vs 19%) and large businesses (35% vs 24%) have invested in cyber insurance.

Data breaches 69

Data breaches GDPR IT Compliance 69

eDiscovery Daily

FEBRUARY 18, 2019

7, 2019) , Kansas Magistrate Judge James P. As a result, he evaluated each of the factors of Rule 37(e) in turn: Duty to Preserve: Judge O’Hara noted that “defendant concedes that as of October 11, 2016, the date on which it received notice of plaintiff’s discrimination charge from the KHRC, it ‘had an obligation to preserve the video.’”

e-Discovery 43

e-Discovery Computer and Electronics Insurance Education 43

Hunton Privacy

JUNE 16, 2020

On June 11, 2020, the California Senate amended AB-713 to the California Consumer Privacy Act of 2018 (“CCPA”). The Senate’s recent amendments impose new contractual obligations on the use or sale of de-identified information and modify the exemption from the CCPA for information used for public health purposes.

Privacy 40

Privacy Sales Insurance Access 40

Data Matters

FEBRUARY 10, 2022

11 But the SEC declined to go that far when it adopted Reg SCI. 11 See Securities Exchange Act Release No. Question 2.03 (Updated August 21, 2019), [link]. See Russian National Extradited for Role in Hacking and Illegal Trading Scheme , DOJ (Dec. 20, 2021), [link]. 4 See Alan Raul et al., 5 See Alan Raul et al.,

Cybersecurity 88

Cybersecurity Marketing Risk Compliance 88

Data Protection Report

JULY 9, 2018

On April 11, 2018, Arizona’s governor signed HB 2154 to amend the Arizona data breach notification law. South Carolina ( H4655 ) – South Carolina imposes heightened breach notification and security requirements on the insurance industry. Moreover, the Insurance Commissioner must be notified within 72 hours of a security breach.

GDPR 40

GDPR Data breaches Personal data Insurance 40

HL Chronicle of Data Protection

MAY 29, 2019

Opinion 5/2019 on the interplay between the ePrivacy Directive and the GDPR, particularly regarding the competence, tasks, and powers of data protection authorities (12.3.2019) – The EDPB confirmed that where the ePD provides for a more specific rule than the GDPR, the specific rule will prevail. More details in this blog post.

GDPR 40

GDPR Personal data Privacy Information architecture 40

Troy Hunt

MARCH 2, 2020

After 11 months of a very intensive process culminating in many months of exclusivity with a party I believed would ultimately be the purchaser of the service, unexpected changes to their business model made the deal infeasible. The point is the net was cast very wide.

IT 135

IT Mining Sales Data breaches 135

Adam Levin

DECEMBER 7, 2020

“There is a broad attack surface here — not just military and political but also insurance, law enforcement and commerce,” said Matt Turek, a program manager for the Defense Advanced Research Projects Agency to the Financial Times. households had an estimated 11 internet-connected devices per household. At the beginning of 2020, U.S.

IoT 52

IoT Artificial Intelligence Passwords Phishing 52

Data Matters

JANUARY 2, 2018

These cases have been a central part of post-9/11 privacy law. and perhaps even on the model clauses, although ultimate decisions on the merits may easily reach into 2019 or beyond. State legislatures, insurance commissions, attorneys general and regulatory agencies are moving to develop detailed cybersecurity requirements.

Cybersecurity 68

Cybersecurity Privacy Data breaches GDPR 68