Schneier on Security

FEBRUARY 28, 2024

In the first week of January, the pharmaceutical giant Merck quietly settled its years-long lawsuit over whether or not its property and casualty insurers would cover a $700 million claim filed after the devastating NotPetya cyberattack in 2017. 11, 2001, terrorist attacks.

Insurance 94

Insurance Government Cybersecurity Risk 94

IT Governance

OCTOBER 31, 2023

Thousands of drivers have sensitive data exposed to hackers in major IT breach Date of breach: Unclear, but breached documents date back to 2017. Records breached: 512,000 documents, with details of insurance investigations, vehicle registration certificates, notices of car seizures and payment card details.

Data Privacy 52

Data Privacy Privacy Data breaches Security 52

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

IT Governance

DECEMBER 27, 2019

Victims of Equifax’s 2017 data breach were given the go-ahead to launch a class-action lawsuit. The site’s security team suspected that users were being targeted in a credential-stuffing attack; this is where cyber criminals use a list of stolen usernames and passwords en masse to break into an account.

Data breaches 69

Data breaches GDPR Passwords Personal data 69

eSecurity Planet

FEBRUARY 16, 2021

Ransomware frequently contains extraction capabilities that can steal critical information like usernames and passwords, so stopping ransomware is serious business. The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. Jump to: What is ransomware?

Ransomware 97

Ransomware Encryption Insurance Cloud 97

KnowBe4

MAY 9, 2023

The payload is a cryptojacking Monero miner. A cryptojacker is bad enough since it will drain power and degrade device performance. This one also carries the potential for compromising sensitive information, particularly credentials, and serving as staging for further attacks. This campaign may be more effective for its routine, innocent look.

Phishing 71

Phishing Passwords Insurance Systems administration 71

eSecurity Planet

OCTOBER 5, 2021

Passwords are the most common authentication tool used by enterprises, yet they are notoriously insecure and easily hackable. But even when passwords are secure, it’s not enough. Recently, hackers leaked 87,000 Fortinet VPN passwords , mostly from companies who hadn’t yet patched a two-year-old vulnerability. MFA can be hacked.

Authentication 104

Authentication Passwords Access Computer and Electronics 104