Hunton Privacy

JUNE 22, 2020

On July 1, 2020, amendments to Vermont’s data breach notification law, signed into law earlier this year, will take effect along with Vermont’s new student privacy law. Student Data Privacy. Security Breach Notice Act. The number of affected consumers exceeding 5,000 is no longer a basis for providing substitute notice.

Data breaches 107

Data breaches Privacy Education Data Privacy 107

Security Affairs

JANUARY 7, 2024

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers regarding a $1.4 Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Artificial Intelligence 92

Artificial Intelligence Data breaches Security Ransomware 92

Hunton Privacy

NOVEMBER 14, 2022

Health insurance information : an individual’s health insurance policy number or subscriber number in combination with access code or other medical information that permits misuse of an individual’s health insurance benefits.

Insurance 55

Insurance Passwords Access Security 55

Hunton Privacy

JULY 1, 2022

Since Carnival was licensed by the Department to sell insurance in NY State, it was treated as a covered entity under the Cybersecurity Regulation. In addition to the monetary penalty of $5 million, NYDFS also accepted Carnival’s surrender of its insurance producer license; thus, Carnival has ceased selling insurance in New York.

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

Hunton Privacy

OCTOBER 15, 2021

The Division of Consumer Affairs alleged that the fertility clinic violated the New Jersey Consumer Fraud Act and the federal Health Insurance Portability and Accountability Act’s (“HIPAA”) Privacy and Security Rules by removing protected health information (“PHI”) safeguards. Neafsey said in a statement regarding the breach.

Data breaches 103

Data breaches Privacy Insurance Information Security 103

IT Governance

OCTOBER 31, 2023

Records breached: 512,000 documents, with details of insurance investigations, vehicle registration certificates, notices of car seizures and payment card details. Records breached: Exact numbers unknown, but names, dates of birth, Social Security numbers, health insurance information and class lists were exfiltrated.

Data Privacy 52

Data Privacy Privacy Data breaches Security 52

Data Matters

DECEMBER 2, 2020

financial information, life/health insurance information, specified medical information, information leading to identification of a vulnerable adult, child, or young person who is the subject of an investigation or relating to court proceedings involving a child and young person, or.

Data Privacy 74

Data Privacy Privacy Data breaches Personal data 74

IT Governance

NOVEMBER 28, 2023

The post The Week in Cyber Security and Data Privacy: 20 – 26 November 2023 appeared first on IT Governance UK Blog. Among those affected was SAP SE. The researchers discovered credentials that provided access to 95,592,696 artifacts, as well as download permissions and some deploy operations.

Data Privacy 52

Data Privacy Privacy Energy and Utilities Data breaches 52

Data Protection Report

OCTOBER 3, 2021

Effective October 1, 2021, an amendment [1] to the Connecticut General Statute concerning data privacy breaches, Section 36a-701b, will impact notification obligations in several significant ways. 60-Day Notification Window.

Data breaches 142

Data breaches IT Insurance Passwords 142

Data Protection Report

FEBRUARY 8, 2022

According to the settlement agreement, the AG concluded that EyeMed’s security practices did not meet the requirements of the SHIELD Act with respect to four requirements: authentication, password management, logging and monitoring, and data retention in the email account. In total, information for approximately 2.1

Passwords 98

Passwords Financial Services Authentication Insurance 98

Hunton Privacy

AUGUST 2, 2021

On June 16, 2021, Connecticut Governor Ned Lamont signed HB 5310, An Act Concerning Data Privacy Breaches. New Breach Notification Requirements (HB 5310). requiring “preliminary substitute notice” to individuals if a business cannot provide direct notification within the 60-day notification timeframe.

Cybersecurity 87

Cybersecurity Insurance Military Data Privacy 87

Thales Cloud Protection & Licensing

MARCH 22, 2023

Banking, finance, and insurance institutions must safeguard consumer information and accounts while providing customers continuous access to their balances and funds. It delivers a robust digital experience that enables frictionless onboarding and offboarding of external identities while ensuring security, privacy, and compliance.

Customer Experience 71

Customer Experience Security Authentication Privacy 71

Security Affairs

SEPTEMBER 15, 2022

Viable choices such as hard tokens allow access to software and verifies identity with a physical device instead of authentication codes or passwords. Update or draft an incident response plan, in accordance with Health Insurance Portability and Accountability Act (HIPAA) privacy and security rules.

Passwords 80

Passwords Phishing Authentication Communications 80

Data Matters

FEBRUARY 6, 2019

The stolen information allegedly included names and identifying information, hashed passwords, security questions and answers, family information, Social Security numbers, lab results, health insurance information, doctor’s names, and medical conditions, among other things.

Data breaches 83

Data breaches Computer and Electronics Security Insurance 83

Data Matters

JUNE 29, 2018

Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). This legislation was enacted on an extraordinarily accelerated timeframe as part of compromise with the sponsor of a comparable privacy ballot initiative, which had qualified to be placed before state voters on Election Day in November 2018.

GDPR 79

GDPR Privacy Sales Data breaches 79

IT Governance

FEBRUARY 16, 2023

That said, if recent data breaches have taught us anything, it’s that you can never be too cautious about the data privacy practices of multinationals. With Pepsi not clarifying who was affected in the incident, it will only sow suspicion and uncertainty.

Data breaches 105

Data breaches Insurance Manufacturing Access 105

Data Matters

JANUARY 28, 2022

Organizations can use the logs to look for password spray activity, identify unusual activity in dormant accounts, or identify when an IP address is not consistent with the user’s expected location. Microsoft and Mandiant recommended that organizations also review logs for remote access infrastructure to confirm authenticity. The post U.S.

Cybersecurity 157

Cybersecurity Financial Services Authentication Government 157

Data Matters

AUGUST 30, 2021

2 The SEC’s Pearson Order follows its June 2021 announcement that it had settled charges against First American Title Insurance Company (First American) for cybersecurity disclosure control failures. This Form 6-K filing echoed prior filings indicating that no “major data privacy or confidentiality breach” had occurred.

Cybersecurity 97

Cybersecurity Risk Data Privacy Passwords 97

IT Governance

NOVEMBER 1, 2022

Mexico confirms hack of military records (unknown) Randolph-area school district disables its own website following transphobic hack (unknown) Australia’s Telstra hit by data breach, two weeks after attack on Optus (unknown) Patient details compromised in cyber attack on health provider Pinnacle (unknown) CHI Health faces ‘IT security incident’ impacting (..)

Data breaches 111

Data breaches Ransomware Insurance Phishing 111

Data Matters

OCTOBER 24, 2019

Today we look at verification, children’s privacy and the non-discrimination provisions. In the summer of 2018, the California Legislature drafted and passed the California Consumer Privacy Act (CCPA) in record time. DETAILED ANALYSIS ON VERIFICATION, CHILDREN’S PRIVACY AND NON-DISCRIMINATION. INTRO AND BACKGROUND.

Privacy 60

Privacy Sales Passwords Authentication 60

Security Affairs

DECEMBER 18, 2019

LifeLabs has also reported the incident privacy commissioners and government partners. ” LifeLabs is offering cybersecurity protection services to its customers, including identity theft and fraud protection insurance. LifeLabs CEO Charles Brown apologized for the security incident. ” said Brown.

Data breaches 59

Data breaches Insurance Passwords Access 59

Data Matters

JUNE 29, 2018

Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). This legislation was enacted on an extraordinarily accelerated timeframe as part of compromise with the sponsor of a comparable privacy ballot initiative, which had qualified to be placed before state voters on Election Day in November 2018.

GDPR 60

GDPR Privacy Sales Data breaches 60

IT Governance

SEPTEMBER 1, 2020

Toronto residents’ CERB payments on hold after fraudulent employment insurance claims (700) Kentucky’s unemployment system suffers another breach (unknown) Defence supplier PULAU Corporation says it has been hacked (unknown) American Payroll Association notifying those affected by cyber attack (unknown). Cyber attacks. Hitachi Chemical Co.

Data breaches 122

Data breaches Ransomware Insurance Manufacturing 122

Armstrong Archives

AUGUST 25, 2023

The Health Insurance Portability and Accountability Act (HIPAA) ensures individuals’ health data protection and privacy. This includes insurance companies, nurses, and doctors. It’s all about creating the perfect balance between optimal medical services while upholding patient privacy.

Computer and Electronics 52

Computer and Electronics Insurance Compliance Risk 52

Hunton Privacy

OCTOBER 25, 2022

The compromised data included contact details, national insurance numbers and bank account details, as well as special category data, including ethnic origin, religion, details of any disabilities, sexual orientation and health information.

Security 97

Security Personal data GDPR Insurance 97

Data Matters

DECEMBER 10, 2019

standard login passwords). hardware tokens and one-time passwords). Note, however, that a dual-password model constitutes only one factor (i.e., Data privacy issues: Cyberattacks often involve identity theft. Insurance: The firm should communicate with its insurance company and review policy coverage.

Data breaches 60

Data breaches Insurance Authentication Risk 60

Data Matters

DECEMBER 10, 2019

standard login passwords). hardware tokens and one-time passwords). Note, however, that a dual-password model constitutes only one factor (i.e., Data privacy issues: Cyberattacks often involve identity theft. Insurance: The firm should communicate with its insurance company and review policy coverage.

Data breaches 60

Data breaches Insurance Authentication Risk 60

The Last Watchdog

AUGUST 19, 2021

as well as insurance and merchant accounts, to commit insurance fraud and wire fraud. Look for unusual activity on your phone and requests for password resets you’re not expecting. Trevor Morgan, product manager, comforte AG: Morgan.

Data breaches 306

Data breaches Authentication Access Personal data 306

Hunton Privacy

JUNE 17, 2019

Arizona and 15 other states (the “Multistate AGs”) filed the suit in December 2018, asserting claims under the federal Health Insurance Portability and Accountability (“HIPAA”) as well as various applicable state data protection laws. Notably, the lawsuit was the first-ever multistate litigation alleging claims under HIPAA.

Data breaches 58

Data breaches IT Insurance Privacy 58

Hunton Privacy

OCTOBER 22, 2018

Three years ago, in February 2015, OCR opened a compliance review of Anthem, the nation’s second largest health insurer, following media reports that Anthem had suffered a significant cyberattack. That breach, affecting approximately 79 million individuals, was the largest breach of protected health information (“PHI”) in history.

Computer and Electronics 63

Computer and Electronics Passwords Data breaches Compliance 63

IBM Big Data Hub

JULY 7, 2023

Data protection and data privacy Data protection , defined as protecting important information from corruption, damage or loss, is critical because data breaches resulting from cyberattacks can include personally identifiable information (PII), health information, financial information, intellectual property and other personal data.

Security 40

Security Data breaches Data Privacy Compliance 40

Hunton Privacy

MAY 9, 2019

Further, the expanded definition now includes “username or email address in combination with a password or security questions and answers that would permit access to an online account” (without an individual’s name). HB 1071 provides that if the breach involves a username or password, an entity may provide notice by email.

Data breaches 68

Data breaches Passwords Insurance Military 68

Data Matters

APRIL 10, 2020

While the world seems to have ground to a halt in so many ways, time still marches on, and along with it, the California Consumer Privacy Act (“CCPA”) enforcement date (July 1, 2020) inches ever closer. Restoration of privacy policy disclosures (§ 999.308). Guidance on user-enabled global privacy controls (§ 999.315).

Privacy 68

Privacy Sales Insurance Compliance 68

Adam Levin

NOVEMBER 17, 2020

Make sure your smartphone, tablet and laptop are password-protected, particularly if you’re in the habit of carrying them around wherever you go. Create long and strong passwords. Never use duplicate usernames or passwords across any of your online accounts to limit your exposure in case of a data breach. Lock your devices.

Retail 97

Retail e-Delivery Passwords Phishing 97

Adam Levin

SEPTEMBER 5, 2019

So, we can call this a Facebook privacy facepalm legacy attack. It’s a sad state of Facebook privacy news fatigue that the urge is so strong to create privacy fail sub-categories—but there you have it. The information is at least a year old, which was when Facebook stopped allowing developers to have user phone numbers.

Mining 79

Mining Authentication Financial Services Privacy 79

DLA Piper Privacy Matters

FEBRUARY 28, 2022

Check your cyber insurance policy. Ensure good password hygiene. Ensure passwords are regularly changed and meet minimum length and complexity requirements (e.g. by forced password reset after a set period). Remind staff that they should never use the same passwords for access to business and personal resources.

Passwords 98

Passwords Phishing Risk Access 98

IT Governance

DECEMBER 1, 2022

Brazilian health insurance firm Fisco Saúde hit by cyber attack (unknown). Spain’s Generali España insurance company says it was hacked (unknown). AstraZeneca password lapse exposed patient data (unknown). Riverside Health Care reports privacy breach was due to inappropriate access of EMR by a staff member (unknown).

Data breaches 115

Data breaches Ransomware Personal data Insurance 115