Security Affairs

APRIL 8, 2021

The database was posted on a different underground forum and contained 12,344 records of the card shop admins, sellers and buyers including their nicknames, hashed passwords, contact details, history of activity, and current balance. Cardshop users, however, were recommended to change the passwords shortly after the breach report came out.

Passwords 108

Passwords Insurance Personal data Sales 108

The Last Watchdog

AUGUST 19, 2021

it’s notable that T-Mobile only learned about the breach when the data went up for sale. According to the samples ZeroFox has seen, this actor is selling names, DOBs, SSNs and state/zipcode; he claims to have IMEIs and addresses in his possession, but notably is not offering those fields for sale. We all know security is hard.

Data breaches 306

Data breaches Authentication Access Personal data 306

IT Governance

NOVEMBER 1, 2022

Mexico confirms hack of military records (unknown) Randolph-area school district disables its own website following transphobic hack (unknown) Australia’s Telstra hit by data breach, two weeks after attack on Optus (unknown) Patient details compromised in cyber attack on health provider Pinnacle (unknown) CHI Health faces ‘IT security incident’ impacting (..)

Data breaches 111

Data breaches Ransomware Insurance Phishing 111

IT Governance

NOVEMBER 6, 2023

Compromised information included patients’ names, dates of birth, postal addresses, Social Security numbers, diagnosis and treatment information, and health insurance information. Compromised data included names, Social Security numbers, and health/medical insurance plan numbers.

Data Privacy 97

Data Privacy Privacy Libraries Security 97

IT Governance

DECEMBER 1, 2022

The second was a cyber attack on the Russian scooter-sharing service Whoosh, which was discovered after customers’ data was put up for sale on the dark web. Brazilian health insurance firm Fisco Saúde hit by cyber attack (unknown). Spain’s Generali España insurance company says it was hacked (unknown). Data breach.

Data breaches 115

Data breaches Ransomware Personal data Insurance 115

IT Governance

JANUARY 9, 2020

Cyber insurance has in some regions encouraged victims to pay as it is cheaper than remediation in some cases. Endpoints such as POS (point of sale) machines or the cardholder’s own browsers are the most likely targets, via card-sniffing scripts loaded into the browser through a mix of direct or third-party hosted scripts.

Security 98

Security IoT Phishing Ransomware 98

IT Governance

SEPTEMBER 1, 2022

Meanwhile, the bastion of password security, LastPass, announced that its systems had been breached – although the organisation is confident that customers’ details remain secure. In total, we identified 112 publicly disclosed security incidents in August, resulting in 97,456,345 compromised records. Cyber attacks. Ransomware. Data breaches.

Data breaches 116

Data breaches Ransomware Energy and Utilities Phishing 116

IT Governance

FEBRUARY 26, 2019

Hacker puts up for sale third round of hacked databases on the Dark Web. Hacker Breaches Dozens of Sites, Puts 127 Million New Records Up for Sale. Artsy Alerts Users of Data-Security Breach; Report Claims Hacked Information for Sale. DataCamp notifies users of hack, forces password reset.

Data breaches 109

Data breaches Sales Phishing Ransomware 109

eSecurity Planet

DECEMBER 9, 2021

What investments can we make to drive down costs or increase sales? Be in-line with insurance policies. Be in-line with insurance policies. Insurance policies can also heavily influence how we respond to an incident—particularly cybersecurity. Document contingencies. Incorporate stakeholder feedback. Plan at a high level.

Insurance 121

Insurance Ransomware Data breaches Cloud 121

Data Matters

APRIL 10, 2020

If a business denies a consumer’s request for the deletion of personal information and sells personal information that the consumer has not already submitted a request to opt-out of sale, the business must include additional information in its response to the consumer’s deletion request.

Privacy 68

Privacy Sales Insurance Compliance 68

Adam Levin

NOVEMBER 17, 2020

According to Adobe Analytics’ recent holiday forecast , online sales are projected to surge 33% year over year to a record $189 billion as “Cyber-week turns to Cyber-months” amid the ongoing COVID-19 pandemic. Create long and strong passwords. Change passwords repeatedly. With this in mind, all eyes should be on Black Friday.

Retail 97

Retail e-Delivery Passwords Phishing 97

Thales Cloud Protection & Licensing

FEBRUARY 9, 2023

And for those that re-use passwords: theft of your entertainment login could be eventual access to bigger, more detrimental accounts (such as banking, insurance, and health). Beware of hackers wanting to use your ESPN account (scrutinize those emails and pop-ups), sign into your cable provider, or scalp your Ticketmaster ticket.

Security 71

Security Authentication Phishing Access 71

Security Affairs

AUGUST 8, 2021

The database was contained in a password-protected zip archive with a text file containing 1 million lines with the following lines: Card number; Expiration date; CVV / CVC code; Name of the card holder; Country; State; City; The address; Zip code; Email and phone for some entries. million bank cards were offered for sale in this card shop.

Marketing 130

Marketing Sales IT Insurance 130

IT Governance

JANUARY 4, 2021

Indian cardholders’ data found for sale on the dark web (7 million) Payroll data compromised after ransomware attack on Town of Ludlow, MA (unknown) Proliance Surgeons notifies patients of payment card breach (unknown) Hezbollah-affiliated financial org, Al-Qard Al-Hassan hacked (unknown). Financial information.

Data breaches 116

Data breaches Ransomware Energy and Utilities Computer and Electronics 116

IT Governance

MARCH 2, 2020

Quebec teachers’ data stolen in password breach (360,000). Pacific Specialty Insurance Company notifies plan members of 2019 data breach (unknown). Massive data dump of Indian debit and credit cards for sale on dark web (400,000). Relation Insurance discloses security incident six months after discovering it (unknown).

Data breaches 145

Data breaches Ransomware Phishing Personal data 145

eSecurity Planet

SEPTEMBER 14, 2022

Often, a scammer will simply target the people in a company and fool them into giving up their personal details, account passwords, and other sensitive information and gain access that way. Finance and insurance finished a close second at 22.4%. This is the same trick business professionals might use to secure a sale (i.e.

Energy and Utilities 118

Energy and Utilities Phishing Blockchain Cybersecurity 118

Data Protection Report

AUGUST 3, 2017

Refrain from using hard-coded credentials or passwords. Further, by requiring post-sale monitoring of vulnerabilities, the government is requiring entities to monitor and enhance a device’s cybersecurity throughout its life-cycle. Use software and components that can be updated and patched.

IoT 40

IoT Cybersecurity Insurance Marketing 40

Data Matters

OCTOBER 24, 2019

Verification for Password-Protected Accounts (§ 998.324). The regulations require businesses to use a two-factor verification process, at a minimum, to authenticate consumers with password-protected accounts who submit access or deletion requests. Minors 13 to 16 Years of Age (§ 998.331).

Privacy 60

Privacy Sales Authentication Passwords 60

Data Matters

JUNE 29, 2018

An analysis of the bill prepared by the California Assembly before the vote also indicated that AB 375 was intended to address controversies concerning third-party sale of personal information acquired from social media without data subjects’ authorization. Right to Prevent or “Opt Out” of the Sale of Personal Information.

GDPR 79

GDPR Privacy Sales Data breaches 79

IT Governance

DECEMBER 27, 2019

The site’s security team suspected that users were being targeted in a credential-stuffing attack; this is where cyber criminals use a list of stolen usernames and passwords en masse to break into an account. Worse, they changed the email address associated with the account, preventing them from resetting their password.

Data breaches 69

Data breaches GDPR Passwords Personal data 69

Data Matters

SEPTEMBER 18, 2019

a password or a PIN); possession: something the user possesses (e.g., This involves linking the transaction to a specific amount and a specific payee, for instance by the use of one-time passwords. a card transaction initiated by the payer at the point of sale, online or in-app). inherence: a biometric characteristic (e.g.,

Authentication 102

Authentication e-Delivery Risk Sales 102

Data Matters

JUNE 29, 2018

An analysis of the bill prepared by the California Assembly before the vote also indicated that AB 375 was intended to address controversies concerning third-party sale of personal information acquired from social media without data subjects’ authorization. Right to Prevent or “Opt Out” of the Sale of Personal Information.

GDPR 60

GDPR Privacy Sales Data breaches 60

Krebs on Security

SEPTEMBER 10, 2018

There are dozens of private companies that specialize in providing consumer credit reports and scores to specific industries, including real estate brokers, landlords, insurers, debt buyers, employers, banks, casinos and retail stores. In other cases, it’s trivial for anyone to sign up for these services.

Access 226

Access Military Retail Security 226

Data Matters

OCTOBER 22, 2019

Notice of Right to Opt-Out of Sale (§ 998.306). Leaving this to the side, however, the proposed regulations did provide guidance on numerous aspects of opt-out of sale notices. Require businesses that provide financial incentives for different types of products or services based on the value of consumers information (e.g.,

Privacy 60

Privacy Sales Paper Compliance 60

IT Governance

JUNE 1, 2023

The information was offered for a private sale on the now-defunct hacking forum Breached, and it was later leaked in its entirety for free. MCNA Insurance MCNA Insurance, also known as MCNA Dental, was caught up in a cyber hacking incident last week, in which 112 covered entities were affected.

Data breaches 122

Data breaches Insurance Personal data Ransomware 122

eSecurity Planet

FEBRUARY 16, 2021

Ransomware frequently contains extraction capabilities that can steal critical information like usernames and passwords, so stopping ransomware is serious business. As ransomware keeps at its current pace, we see a boom in cyber insurance sales (see Ransomware Insurance: Cyber Insurance May Be the Best Protection ).

Ransomware 97

Ransomware Encryption Insurance Cloud 97

Krebs on Security

AUGUST 3, 2020

A California company that helps telemarketing firms avoid getting sued for violating a federal law that seeks to curb robocalls has leaked the phone numbers, email addresses and passwords of all its customers, as well as the mobile phone numbers and other data on people who have hired lawyers to go after telemarketers.

Marketing 320

Marketing Passwords Sales Insurance 320

Krebs on Security

DECEMBER 29, 2022

Web hosting giant DigitalOcean discloses it was one of the victims, and that the intruders used their access to send password reset emails to a number of DigitalOcean customers involved in cryptocurrency and blockchain technologies. Unfortunately, this static data on most Americans has been for sale in the cybercrime underground for years.

Passwords 233

Passwords Ransomware Computer and Electronics Encryption 233

IT Governance

MARCH 5, 2024

Publicly disclosed data breaches and cyber attacks: in the spotlight Millions of Pure Incubation Ventures records listed on hacking forum 183,754,481 records apparently belonging to the venture capital and private equity group Pure Incubation Ventures have been listed for sale on a hacking forum. The claim is yet to be verified.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

Data Matters

OCTOBER 23, 2019

Right to Opt-Out of Sale. If the business denies a request in whole or in part on these grounds, it must “provide or direct the consumer to its general business practices regarding the collection, maintenance, and sale of personal information set forth in its privacy policy.”.

Sales 60

Sales Privacy Passwords Compliance 60

Data Protection Report

MARCH 7, 2024

The proposed regulations anticipate exempting data transactions “to the extent that they are ordinarily incident to and part of the provision of financial services” including: (i) banking, capital-markets, or financial-insurance services; (ii) a financial activity authorized by 12 U.S.C. §

Access 58

Access Military Compliance Personal data 58

IT Governance

MARCH 11, 2024

According to a listing on a popular hacking forum, the database includes customers’ names, email addresses, hashed passwords, and more. million OpenSea records for sale on hacking forum A cyber criminal known as ‘bossmoves90004’ claims to have exfiltrated 6.9 The claim is yet to be verified. Data breached: 36 million records.

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

eDiscovery Daily

JANUARY 9, 2018

Yesterday, we looked back at cases related to discovery about discovery, technology assisted review, form of production disputes, objections to production requests and an interesting dispute between an eDiscovery provider and their former sales people. Holding Funeral Home, Inc. Does this Ring a Bell?

e-Discovery 39

e-Discovery Computer and Electronics Communications Cloud 39

IT Governance

MARCH 28, 2019

Insurance firm AIA Singapore discovers data breach (225). Publishing firm Elsevier left users’ passwords on publicly available server (unknown). New Orleans-based Hartwig Insurance Agency discloses data breach (1,100). Utter Zuck-up: 600 million passwords exposed in Facebook data breach (600 million).

Data breaches 111

Data breaches Ransomware Insurance Phishing 111

Data Protection Report

OCTOBER 11, 2019

Notices must be available in the languages in which the business in its ordinary course provides contracts, disclaimers, sale announcements, and other information to consumers. Other items to note: When a consumer has a password-protected account with the business, traditional authentication practices (e.g., 99.324(a)).

Sales 40

Sales Retail Privacy Access 40

eSecurity Planet

NOVEMBER 18, 2021

Bitdefender Premium Security takes care of your personal information and online privacy with features like file shredder, password manager, anti-theft, privacy firewall, parental control, safe online banking, webcam protection, anti-tracker, and unlimited VPN traffic. You can download a 30-day free trial or purchase the software for $69.99

Security 110

Security Analytics Passwords Risk 110

Data Matters

APRIL 23, 2018

Board-management discussions about cyber risk should include identification of which risks to avoid, which to accept, and which to mitigate or transfer through insurance, as well as specific plans associated with each approach. Principle 5. The 2018 guidance supplements the SEC’s October 13, 2011, CF Disclosure Guidance: Topic No.

Cybersecurity 60

Cybersecurity Risk Passwords Authentication 60