Data Breach Today

OCTOBER 2, 2018

Health Insurer Slammed by Regulator for Failing to Detect Bulk Theft of Records The U.K.'s s data protection regulator has fined Bupa Insurance Services £175,000 ($228,000) for failing to stop an employee from stealing 547,000 customer records, which were later offered for sale on the dark web.

Insurance 202

Insurance Sales Security 202

Security Affairs

JANUARY 2, 2024

Hudson Researchers reported that on December 20th, a hacker using the moniker ‘irleaks’ announced the availability for sale of over 160,000,000 records allegedly stolen from 23 leading insurance companies in Iran. It is still unclear how the hackers targeted so many insurance companies at the same time.

Insurance 137

Insurance Sales Passwords Access 137

Krebs on Security

MARCH 17, 2023

Federal Bureau of Investigation (FBI) this week arrested a New York man on suspicion of running BreachForums , a popular English-language cybercrime forum where some of the world biggest hacked databases routinely show up for sale. that suffered a data breach this month.

Sales 294

Sales Data breaches Insurance Access 294

Krebs on Security

APRIL 26, 2021

Last week, KrebsOnSecurity heard from a reader who had his freeze thawed without authorization through Experian’s website, and it reminded me of how truly broken authentication and security remains in the credit bureau space. “They’re allowing this huge security gap so they can make a profit. .”

Security 306

Security Authentication Access Insurance 306

IT Governance

NOVEMBER 6, 2023

According to the security company Resecurity , which discovered the listing, the data included victims’ name, age, gender, address, passport number and Aadhaar number (a 12-digit government identification number). It secured its systems, notified law enforcement and began investigating the incident. Boeing is “assessing the claim”.

Data Privacy 97

Data Privacy Privacy Libraries Security 97

Security Affairs

FEBRUARY 3, 2024

” The company added that it did not record any insurance proceeds in the three and six months ending on December 31, 2023, associated with the cyberattack. The recognition of insurance recoveries, if applicable, may not align with the timing of recognizing the associated expenses. ” reads the SEC filing.

Insurance 113

Insurance Sales Ransomware Marketing 113

Krebs on Security

MAY 31, 2019

On May 24, KrebsOnSecurity broke the news that First American had just fixed a weakness in its Web site that exposed approximately 885 million documents — many of them with Social Security and bank account numbers — going back at least 16 years. No authentication was needed to access the digitized records. ” . ” .”

Financial Services 203

Financial Services Insurance Sales Authentication 203

eSecurity Planet

FEBRUARY 14, 2023

“I remember the first time we were asked for a SOC 2 report, which quickly became the minimum bar requirement in our industry for proof of an effective security program,” he said. It was also a drag on the sales cycle, and then there was the need for maintaining compliance. Growth has definitely been robust. “Our

Compliance 94

Compliance Security Cybersecurity Marketing 94

Security Affairs

APRIL 30, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 95

Security Ransomware Cybersecurity Authentication 95

The Last Watchdog

APRIL 8, 2024

Related: The ‘cyber’ case for D&O insurance Vanessa Pegueros knows this all too well. Thus, presenting a sky-is-falling scenario to justify a fatter security budget, “does not resonate at the board level,” she said in her talk. Pigueros: Compliance is not going to fix all the security risks.

Compliance 166

Compliance Cybersecurity Risk Mining 166

Security Affairs

NOVEMBER 11, 2022

An initial access broker claims to have hacked Deutsche Bank and is offering access to its systems for sale on Telegram. A threat actor ( 0x_dump ) claims to have hacked the multinational investment bank Deutsche Bank and is offering access to its network for sale online. HQ in Frankfurt, Germany shown. Pierluigi Paganini.

Access 97

Access Sales Communications Insurance 97

Krebs on Security

APRIL 27, 2023

Until being contacted by this reporter on Monday, the state of Vermont had at least five separate Salesforce Community sites that allowed guest access to sensitive data, including a Pandemic Unemployment Assistance program that exposed the applicant’s full name, Social Security number, address, phone number, email, and bank account number.

Access 278

Access Authentication Information Security Communications 278

Krebs on Security

AUGUST 17, 2023

Also, the sale of “hacking tools” doesn’t quite capture what 16Shop was all about: It was a fully automated phishing platform that gave its thousands of customers a series of brand-specific phishing kits to use, and provided the domain names needed to host the phishing pages and receive any stolen credentials.

Phishing 185

Phishing Passwords Insurance Sales 185

Security Affairs

MARCH 25, 2021

Astoria Company LLC is a lead generation company that leverages on a network of websites to collect information on a person that may be looking for discounted car loans, different medical insurance, or even payday loans. Collected data si shared with a number of partner sites (such as insurance or loan agencies), that pay per lead referral.

Data breaches 112

Data breaches Sales Insurance Marketing 112

Krebs on Security

APRIL 12, 2022

.” Prosecutors say Coelho also personally sold stolen data on the platform, and that Omnipotent directly facilitated illicit transactions by operating a fee-based “ Official Middleman ” service, a kind of escrow or insurance service that denizens of RaidForums were encouraged to use when transacting with other criminals.

Sales 216

Sales Data breaches Government Access 216

Thales Cloud Protection & Licensing

FEBRUARY 9, 2023

How do you secure a Super Bowl? Hopefully, security analysts will be watching closest of all. It’s safe to say that the last thing on anyone’s mind come Super Bowl Sunday will be the security of their digital interactions. First, we listed a lot of glittering generalities surrounding Super Bowl security spaces.

Security 71

Security Authentication Phishing Access 71

Security Affairs

FEBRUARY 12, 2024

Today, I announced we are banning the importation, sale and use of consumer hacking devices, like flippers, used to commit these crimes.” This includes substantial costs for insurers, reaching an estimated $542 million annually, to repair or replace stolen vehicles. And Canadians are rightfully worried.

Sales 108

Sales Government Insurance IT 108

Thales Cloud Protection & Licensing

APRIL 18, 2023

RSA Conference 2023: Meet Thales Where the World Talks Security! Meet us at Booth #N-5369 for demonstrations on data security, customer and workforce identity, and post quantum cryptography – just to name a few. Security teams must build quantum resilience today to protect their business from emerging risks.

Security 71

Security Digital transformation Privacy Cybersecurity 71

Data Matters

SEPTEMBER 20, 2021

The National Association of Insurance Commissioners (NAIC) held its Summer 2021 National Meeting (Summer Meeting) August 14-17, 2021. Highlights include, among others, adoption of revised risk-based capital bond factors for life insurers, amendments to SSAP No. NAIC Adopts Revised Risk-Based Capital Bond Factors for Life Insurers.

Insurance 88

Insurance e-Delivery Paper Sales 88

Hunton Privacy

NOVEMBER 6, 2014

Hunton & Williams Insurance Litigation & Counseling partner Lon Berk reports: As the demand for cyber insurance has skyrocketed, so too has the cost. One broker estimates that sales in 2014 will double from the $1 billion premium collected in 2013. As these payment technologies become prevalent in the U.S.,

Insurance 40

Insurance Retail Sales Risk 40

Security Affairs

JUNE 12, 2021

Volkswagen America discloses a data breach suffered by a third-party vendor used by the car vendor for sales and marketing purposes. The security breach affected a subsidiary Audi and authorized dealers in the U.S. “This included information gathered for sales and marketing purposes from 2014 to 2019. Pierluigi Paganini.

Data breaches 126

Data breaches Sales Insurance Marketing 126

Security Affairs

JANUARY 4, 2022

Stolen employees’ data potentially included names, addresses, telephone numbers, email addresses, dates of birth, race, ethnicity, gender, disability status, medical notes, performance and disciplinary notes, Social Security numbers, health insurance plan elections, income amounts, and retirement contribution amounts.

Data breaches 108

Data breaches Ransomware Insurance Sales 108

IT Governance

JANUARY 9, 2020

Almost everyone wants to know what the future has in store – particularly when it comes to cyber security. With that in mind, Geraint Williams, IT Governance’s chief information security officer, discusses his cyber security predictions in the upcoming year. Our predictions. Ransomware will continue to increase.

Security 98

Security IoT Phishing Ransomware 98

Hunton Privacy

SEPTEMBER 21, 2023

The Act would grant California consumers the right to request that data brokers (1) delete and (2) limit the further sale and sharing of consumers’ personal data. In addition, the bill would create new registration, disclosure, recordkeeping, and audit requirements applicable to data brokers.

Insurance 69

Insurance Personal data Sales Compliance 69

Armstrong Archives

DECEMBER 19, 2023

No matter the size of a business, a well-defined record retention policy serves multiple purposes: ensuring compliance with legal and regulatory requirements, aiding in efficient document management, and securing sensitive information. Also, their policies must be tailored to their specific industry requirements and business size.

Compliance 52

Compliance Archiving Digital transformation Sales 52

Data Matters

SEPTEMBER 7, 2022

The National Association of Insurance Commissioners (NAIC) held its Summer 2022 National Meeting (Summer Meeting) August 9–13, 2022. The Privacy Working Group has been reviewing state insurance privacy protections regarding the collection, ownership, use, and disclosure of information gathered in connection with insurance transactions.

Insurance 78

Insurance Paper Privacy Risk 78

Hunton Privacy

APRIL 18, 2023

The bill also contains a number of exemptions, including exceptions for financial institutions, affiliates, and data subject to Title V of the Gramm-Leach-Bliley Act, covered entities and business associates under the Health Insurance Portability and Accountability Act of 1996, nonprofit organizations and institutions of higher education.

Privacy 132

Privacy Personal data Sales Insurance 132

IT Governance

NOVEMBER 1, 2022

We identified 102 security incidents throughout the month, which is the second largest figure so far this year – trailing only August (112). Meanwhile, be sure to subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox. Cyber attacks.

Data breaches 111

Data breaches Ransomware Insurance Phishing 111

HL Chronicle of Data Protection

JUNE 3, 2019

On May 29, Nevada Governor Steve Sisolak signed Senate Bill 220 ( SB-220 ) into law, making Nevada the first state to join California in granting consumers the right to opt out of the sale of their personal information. New Consumer Right to Opt-out of the “Sale” of Personal Information. Washington’s SB 5376).

Sales 40

Sales Privacy Insurance Manufacturing 40

Hunton Privacy

MARCH 24, 2022

Similar to the CPA and VCDPA, the UCPA contains exemptions for covered entities, business associates and protected health information subject to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), and financial institutions or personal data subject to the Gramm-Leach-Bliley Act (“GLB”).

Privacy 113

Privacy Personal data Sales B2B 113

Krebs on Security

JULY 4, 2020

One of the most-read advice columns on this site is a 2018 piece called “ Plant Your Flag, Mark Your Territory ,” which tried to impress upon readers the importance of creating accounts at websites like those at the Social Security Administration , the IRS and others before crooks do it for you.

Passwords 275

Passwords Authentication Insurance Mining 275

Krebs on Security

JUNE 1, 2023

Megatraffer explained that malware purveyors need a certificate because many antivirus products will be far more interested in unsigned software, and because signed files downloaded from the Internet don’t tend to get blocked by security features built into modern web browsers. 2016 sales thread on Exploit.

Healthcare 228

Healthcare Passwords Sales Ransomware 228

Hunton Privacy

MARCH 17, 2023

Controller Obligations Controllers would be required to implement reasonable security practices, provide a compliant privacy notice to consumers and enter into agreements with processors that handle the controller’s personal data. These rights notably exclude a right to correct inaccurate personal data.

Privacy 72

Privacy Personal data Sales Insurance 72

Information Governance Perspectives

APRIL 5, 2023

John Danenberger, CPCU, is Corporate Counsel at State Farm Insurance and specializes in addressing emerging issues around telematics. In 2015, he successfully transitioned from a military career as a trial attorney for the JAG Corps to working in telematics in corporate America for State Farm Insurance.

Insurance 52

Insurance Military Artificial Intelligence Manufacturing 52

Thales Cloud Protection & Licensing

OCTOBER 5, 2022

Along with celebrating Cyber Security Awareness Month, several exciting events are taking place across the world, aiming to educate people on the latest trends in cybersecurity and privacy. GITEX GLOBAL is the biggest security and technology event and exhibition in the Middle East. GITEX GLOBAL, 10-14 October, Dubai.

Cybersecurity 87

Cybersecurity Cloud Digital transformation Sales 87

Security Affairs

JANUARY 14, 2019

Zurich American Insurance Company is refusing to refund its client because consider the attack as “an act of war” that is not covered by its policy. According to the cyber security community, NotPetya is a cyber weapon develped by Russia to hit the Ukrainian government. SecurityAffairs – Mondelez, cyber insurance).

Insurance 89

Insurance Ransomware Sales Government 89

Hunton Privacy

MAY 10, 2022

The CTDPA exempts certain entities, including, for example, state and local government entities, nonprofits, higher education institutions, financial institutions subject to the Gramm-Leach-Bliley Act (“GLB”), and qualifying covered entities and business associates subject to the Health Insurance Portability and Accountability Act (“HIPAA”).

Privacy 118

Privacy Personal data Sales B2B 118