Insurance Giant Chubb Might Be Ransomware Victim

Dark Reading

A ransomware operator claims to have successfully attacked Chubb Insurance databases

Insurer Chubb Investigating 'Security Incident'

Data Breach Today

Maze Gang Claims Insurer Is a Victim, Emsisoft Reports Switzerland-based global insurance firm Chubb acknowledges that it's investigating a "security incident."

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Judge Rules Insurer Must Pay for Ransomware Damage

Data Breach Today

Coverage Required Because Attack Caused 'Physical Loss or Damage' A federal judge has ruled that an insurer providing a "business owner's insurance policy" to a company that sustained a ransomware attack and was forced to replace most of its IT infrastructure must pay for the damages the security incident caused.

Do Ransomware Attackers Single Out Cyber Insurance Holders?

Data Breach Today

Security Experts Express Skepticism That Criminals Would Bother Do criminal organizations prefer to target organizations that hold cyber insurance policies? A ProPublica report suggests that because cyber insurance policyholders are more likely to pay ransoms, they're a more frequent target. But some cybersecurity experts have expressed skepticism

Cyber Insurance Changes as Threats Evolve

Data Breach Today

Ken Suh of Beazley on Assessing the Options In light of emerging cyberthreats, including ransomware, organizations must change how they assess their cyber insurance options, says Ken Suh of Beazley

The Hidden Cost of Ransomware: Wholesale Password Theft

Krebs on Security

Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. VCPI) was hit by the Ryuk ransomware strain.

Ransomware at Colorado IT Provider Affects 100+ Dental Offices

Krebs on Security

A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack this week that is disrupting operations for more than 100 dentistry practices, KrebsOnSecurity has learned. “No help from my insurance.

Cybersecurity Insurance Not Paying for NotPetya Losses

Schneier on Security

This will complicate things: To complicate matters, having cyber insurance might not cover everyone's losses. Zurich American Insurance Company refused to pay out a $100 million claim from Mondelez, saying that since the U.S.

Ransomware Hits B2B Payments Firm Billtrust

Krebs on Security

Business-to-business payments provider Billtrust is still recovering from a ransomware attack that began last week. “Out of an abundance of caution, we cannot disclose the precise ransomware strains but will do so as soon as prudently possible.

B2B 194

Ransomware Bites Dental Data Backup Firm

Krebs on Security

PerCSoft , a Wisconsin-based company that manages a remote data backup service relied upon by hundreds of dental offices across the country, is struggling to restore access to client systems after falling victim to a ransomware attack.

New Orleans to Boost Cyber Insurance to $10M Post-Ransomware

Dark Reading

Mayor LaToya Cantrell anticipates the recent cyberattack to exceed its current $3 million cyber insurance policy

Second Florida City Pays Up Following Ransomware Attack

Data Breach Today

After Struggling With Recovery, City Negotiates a Ransom Payment A second small city in Florida is paying off cybercriminals to recover from a ransomware attack that crippled the municipality's local network. How much did Lake City agree to pay, and how much of that was covered by insurance

Ransomware Keeps Ringing in Profits for Cybercrime Rings

Data Breach Today

SamSam, Dharma, GandCrab and Global Imposter Make for Ongoing Bitcoin Paydays Criminals wielding crypto-locking ransomware - especially Dharma/CrySiS, GandCrab and Global Imposter, but also SamSam - continue to attack.

Ransomware Increasingly Targeting Small Governments

Dark Reading

To get back up and running quickly, and because it's cheaper, city and county governments often pay the ransom, especially if insurance companies are footing the bill. The result: More ransomware

GUEST ESSAY: Cyber insurance 101 — for any business operating in today’s digital environment

The Last Watchdog

To help mitigate the risk of financial losses, more companies are turning to cyber insurance. Related: Bots attack business logic Cyber insurance, like other forms of business insurance, is a way for companies to transfer some of numerous potential liability hits associated specifically with IT infrastructure and IT activities. Meanwhile, credential-stuffing attacks have a potential cost of at least $5 billion a year, while ransomware can set companies back around $8 billion.

Currency Exchange Company Travelex Hit By Ransomware Attack

Adam Levin

Currency exchange giant Travelex has effectively been taken offline by a ransomware attack. . The hackers claim to have six months’ worth of sensitive customer data containing birthdates, credit card information, and insurance numbers.

Insurance Pays Out a Sliver of Norsk Hydro’s Cyberattack Damages

Threatpost

million in cyber insurance - out of $71 million incurred in damages after a massive March cyberattack. Hacks Cyber Insurance cyberattack industrial cyberattack LockerGoga malware norsk hydro ransomwareThe company received $3.6

Albany County Airport authority hit by a ransomware attack

Security Affairs

Officials at the Albany County Airport Authority revealed that New York airport servers were infected with ransomware on Christmas. According to the experts, the ransomware encrypted files on the authority’s servers and its backup servers. SecurityAffairs – ransomware, airport).

Ransomware Is the No. 1 Cyber Threat This Year. Here’s What You Can Do

Adam Levin

You couldn’t go a week last year without seeing a ransomware headline in the news. Ransomware attacks on businesses skyrocketed 365 percent in 2019, and all signs point to more of the same in 2020. What Is Ransomware? The post Ransomware Is the No.

Ransomware, Mobile Malware Attacks to Surge in 2020

Threatpost

Targeted ransomware, mobile malware and other attacks will surge, while companies will adopt AI, better cloud security and cyber insurance to help defend and protect against them.

Alabama Hospital chain paid ransom to resume operations after ransomware attack

Security Affairs

An Alabama hospital chain announced to have restored normal operation after paying the ransom request by crooks that infected its systems with ransomware. A hospital chain in west Alabama was recently hit by a ransomware attack that paralyzed its systems.

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

The Last Watchdog

Stunning as these two high-profile attacks were, they do not begin to convey the full scope of what a pervasive and destructive phenomenon ransomware has become – to individuals, to companies of all sizes and, lately, to poorly defended local agencies. “All we know is MONEY! Hurry up!

NotPetya Victim Mondelez Sues Zurich Insurance for $100 Million

Dark Reading

Mondelez files lawsuit after Zurich rejects claim for damages from massive ransomware attack

How to make sure your cyber insurance policy pays out

IT Governance

Cyber insurance is big business these days. Find out how a ransomware victim used cyber insurance to guide its response effort >> A cyber insurance policy doesn’t necessarily guarantee that you will receive aid following a data breach.

Hackers Cashing In On Healthcare Industry Security Weaknesses

Threatpost

Between ransomware attacks on healthcare devices, malware-laced “medical” apps, and fraud services available on the dark net, attackers are pushing the boundaries on targeting healthcare.

Maryland Court Finds Coverage for Lost Data and Slow Computers After Ransomware Attack

Hunton Privacy

As previously posted on our Hunton Insurance Recovery blog , a Maryland federal court awarded summary judgment to policyholder National Ink in National Ink and Stitch, LLC v. State Auto Property and Casualty Insurance Company , finding coverage for a cyber attack under a non-cyber insurance policy after the insured’s server and networked computer system were damaged as a result of a ransomware attack.

Insurance Customers’ Personal Data Exposed Due to Misconfigured NAS Server

Threatpost

The vulnerability also exposed login credentials for a massive national insurance claims database, Upguard says. Cloud Security Privacy Vulnerabilities Web Security NAS server ransomware UpGuard WannaCry

Largest hospital system in New Jersey was hit by ransomware attack

Security Affairs

The largest hospital in New Jersey announced on Friday that a ransomware attack last week disrupted its network and that it paid a ransom. At the time there are no details about the family of ransomware the infected the system or the way attackers breached the network of the hospital.

How to handle a ransomware attack

IT Governance

That’s a question more organisations are having to ask themselves nowadays, with at least 55 ransomware attacks reported in the first half of 2019. Identify that the attack is ransomware. Don’t assume that the person who has spotted the attack knows that it’s ransomware.

MY TAKE: SMBs can do much more to repel ransomware, dilute disinformation campaigns

The Last Watchdog

However, at this moment in history, two particularly worrisome types of cyber attacks are cycling up and hitting local government entities hard: ransomware sieges and election tampering. population 12,046, paid $460,000, respectively, for ransomware decryption keys.

The city of Racine was offline following a ransomware attack

Security Affairs

The city of Racine joins to the long string of US municipalities that were hit with ransomware attack, it was forced offline following the infection. The city of Racine, Wisconsin, was hit with a ransomware, the incident took place on January 31, 2020.

Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats

The Security Ledger

In this episode of the podcast (#117), we go deep on one of the hottest sectors around: cyber insurance. In this episode of the podcast (#117), we go deep on one of the hottest sectors around: cyber insurance. Part I: not ransom…ransomware! The insurance was dirt cheap.

Ransomware: Keep the Bitcoin in Your Wallet

MediaPro

Ransomware continues to rack up victims. Early this month the City of Baltimore announced ransomware had seized a variety of city government computer systems. Last March , Atlanta was brought to its knees by a ransomware attack that lasted nearly two weeks.

Adventures in cyber litigation: Frozen crypto-assets and the role of cyber insurance

Data Protection Report

Given the level of interest in the case, we have prepared a deeper-dive into the facts and the implications of the decision, with a focus on the important role played in the case by cyber insurance. However, the involvement of the victim’s insurers has received less attention.

Analysis: Report on China Attacking Mobile Devices

Data Breach Today

Plus: Do ransomware gangs target organizations that have cyber insurance This week's ISMG Security Report takes a close look at whether an iPhone hacking campaign may be linked to Android spying campaigns by China.

Ransomware Health Data Breach Affects 500,000 Patients

Hunton Privacy

On June 26, 2017, Airway Oxygen, a provider of oxygen therapy and home medical equipment, reported that it was the subject of a ransomware attack affecting 500,000 patients’ protected health information. The attack is the second largest health data breach recorded by the Office for Civil Rights (“OCR”) this year, and the largest ransomware incident recorded by OCR since it began tracking incidents in 2009.

“An act of war”: Zurich American refuses to pay out on cyber insurance policy following NotPetya attack

IT Governance

US food giant Mondelez is suing insurance company Zurich American for denying a $100 million (£76 million) claim filed after the NotPetya attack. The confectioner, which owns Cadbury and Oreo, says it lost 1,700 servers and 24,000 laptops as the ransomware swept through its systems. NotPetya is a Windows-based piece of ransomware that infected organisations across the globe in 2017. Perilous future for cyber insurance.

Global Ransomware Attacks Raise Key Legal Considerations

Hunton Privacy

On May 12, 2017, a massive ransomware attack began affecting tens of thousands of computer systems in over 100 countries. The ransomware, known as “WannaCry,” leverages a Windows vulnerability and encrypts files on infected systems and demands payment for their release. If payment is not received within a specified time frame, the ransomware automatically deletes the files.

Critical Steps in Managing Vendor Security Risk

Data Breach Today

In light of recent ransomware and other cyberattacks against vendors serving numerous healthcare organizations, it's critical to develop and deploy comprehensive vendor risk management programs, says John Farley of Arthur J. a provider of cyber insurance Gallagher & Co.,

How Many States Have Outlawed Ransomware? You May Be Shocked: Cybersecurity Trends

eDiscovery Daily

Maryland is currently considering a bill to become only the third state after Michigan and Wyoming, to criminalize the possession and distribution of ransomware. Following the attack, Baltimore City’s board allocated $10 million to an emergency ransomware response to prevent similar attacks.