Accountability, Information Security and Insurance

Health insurer Point32Health suffered a ransomware attack

Security Affairs

APRIL 23, 2023

Non-profit health insurer Point32Health suffered a ransomware attack and has taken systems offline in response to the incident. Non-profit health insurer Point32Health has taken systems offline in response to a ransomware attack that took place on April 17. ” reads the statement published by the insurer.

Insurance

Insurance Ransomware Education Accountability

Cyber Insurance and the Changing Global Risk Environment

Security Affairs

APRIL 22, 2022

When security fails, cyber insurance can become crucial for ensuring continuity. Our reliance on digital technology and the inherited risk is a key driving factor for buying cyber risk insurance. If the technology were to become unavailable, the resulting business impact could be mitigated with cyber insurance.

Cyber Insurance

Cyber Insurance Insurance Risk Technology

Safety first: Will insurance companies stall or accelerate cybersecurity progress?

SC Magazine

FEBRUARY 8, 2021

Every time a driver buckles up or an airbag is deployed we see the powerful influence of the insurance companies who insisted those measures become mandatory. Now, those insurers are poised to drive cybersecurity investment by insisting that organizations meet certain criteria to qualify for coverage. A maturing model.

Insurance

Insurance Cyber Insurance Cybersecurity Government

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

As market for cyber insurance booms, watchdog calls for better data

SC Magazine

MAY 24, 2021

In a report released May 20, the Government Accountability Office looked at how the private cybersecurity insurance market has developed over the past five yearsRich Baich is global chief information security officer for insurance giant AIG. Photo by Spencer Platt/Getty Images).

Cyber Insurance

Cyber Insurance Insurance Marketing Cyber Risk

How the ransomware explosion is reshaping the cyber insurance market

SC Magazine

MAY 19, 2021

The development of cybersecurity insurance has played an important role in determining how companies prepare for and respond to ransomware attacks and the resulting fallout. That in itself has evolved, as insurers and insured learn just how expensive that fallout can be. The ransomware reality check for insurers.

Cyber Insurance

Cyber Insurance Insurance Marketing Ransomware

American Insurance firm State Farm victim of credential stuffing attacks

Security Affairs

AUGUST 7, 2019

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July. Pierluigi Paganini.

Insurance

Insurance Data breaches Financial Services Passwords

How MFA and Cyber Liability Insurance Effectively Manage Risk in Higher Education

Duo's Security Blog

OCTOBER 18, 2021

One area where campuses have been collaborating recently are changes around cyber liability insurance for higher education, an opportunity for campus cybersecurity teams to combine forces with their risk management team. In a recent Duo blog post, we gave an overview of cyber liability insurance.

Insurance

Insurance Education Risk Cyber Insurance

Healthcare firm WebTPA data breach impacted 2.5 million individuals

Security Affairs

MAY 19, 2024

According to the notice published by the company, WebTPA acts as an administrative services provider to certain benefit plans and insurance companies whose information was impacted in this incident. “The investigation concluded that the unauthorized actor may have obtained personal information between April 18 and April 23, 2023.”

Data breaches

Data breaches Healthcare Insurance Identity Theft

Modernizing Health Care Security with SASE

Security Boulevard

SEPTEMBER 3, 2021

Since 2013 and the most recent set of updates to the Health Insurance Portability and Accountability Act (HIPAA), U.S. In particular, information security and risk management tools have been a part of nearly every compliance investment that providers have.

Insurance

Insurance Information Security Accountability Technology

Australian Firstmac Limited disclosed a data breach after cyber attack

Security Affairs

MAY 13, 2024

They have a range of market insurance products backed by international company, Allianz Group. “It is important to note that our systems are secure. Firstmac Limited, one of the largest non-bank lenders in Australia, disclosed a data breach. ” continues the notice.

Data breaches

Data breaches Cyber Attacks Identity Theft Banking

Resolving conflicts between security best practices and compliance mandates

CSO Magazine

AUGUST 31, 2022

The larger and more international your corporation, the more alphabet soup of technology compliance regulations need to be followed: the European Union’s General Data Protection Regulation (GDPR), the American Health Insurance Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standard (PCI DSS), the guidance by the (..)

Insurance

Insurance Internet Internet Technology

HealthEC data breach impacted more than 4.5 Million people

Security Affairs

JANUARY 4, 2024

The company suggests reviewing account and benefits statements, explanation of benefits statements, and monitoring free credit reports for suspicious activity and detecting errors. “Suspicious activity should be promptly reported to relevant parties including an insurance company, health care provider, and/or financial institution.”

Data breaches

Data breaches Healthcare Artificial Intelligence Identity Theft

Many Public Salesforce Sites are Leaking Private Data

Krebs on Security

APRIL 27, 2023

Until being contacted by this reporter on Monday, the state of Vermont had at least five separate Salesforce Community sites that allowed guest access to sensitive data, including a Pandemic Unemployment Assistance program that exposed the applicant’s full name, Social Security number, address, phone number, email, and bank account number.

Banking

Banking Government Information Security Authentication

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 7, 2024

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers regarding a $1.4 Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Artificial Intelligence

Artificial Intelligence Data breaches Scams Insurance

Mental Health Apps are Likely Collecting and Sharing Your Data

Security Boulevard

MAY 15, 2024

TABLE OF CONTENTS Understanding HIPAA Mental health apps collect a wealth of personal information Information collection extends past user disclosure Mental health apps may share your information with third parties Can users protect their privacy while using mental health apps?

Advertising

Advertising Insurance Accountability Data Analyst

Lockbit ransomware attack on MCNA Dental impacts 8.9M individuals

Security Affairs

MAY 29, 2023

MCNA Dental is one of the largest US dental care and oral health insurance providers. The security breach exposed the personal information of current or former provider of dental/orthodontic care to members of certain state Medicaid and Children’s Health Insurance Programs, for which MCNA provides dental benefits and services.

Ransomware

Ransomware Insurance Data breaches Identity Theft

Thinking About the Future of InfoSec (v2022)

Daniel Miessler

MARCH 20, 2022

I’m starting a new series with this 2022 edition where I think about what Information Security could or should look like in the distant future—say in 2050. In the next 15-30 years we’ll see a move from wizardry to accounting—and a much more Operational Technology approach to the discipline in general.

InfoSec

InfoSec Insurance Engineering Technology

Data Breach at Legal Service Provider May Have Compromised Health Info of 36,000 Patients in Pittsburgh

Hot for Security

FEBRUARY 9, 2021

CJH) is alerting more than 36,000 UPMC patients that some of their personal data may have been inappropriately accessed as the result of an information security breach at the company,” the notice reads. “This event did not occur at UPMC or affect the security of its electronic patient records or other computer systems.”

Data breaches

Data breaches Identity Theft Computers and Electronics Insurance

Ransomware attack on Singing River Health System impacted 895,000 people

Security Affairs

MAY 14, 2024

Potentially compromised information includes name, date of birth, address, Social Security number, medical information, and health insurance information. Additionally, they are sharing information on safeguarding against tax fraud, contacting consumer reporting agencies, and obtaining free credit reports.

Identity Theft

Identity Theft Ransomware Data breaches Insurance

German IT provider Bitmarck hit by cyberattack

Security Affairs

MAY 1, 2023

Bitmarck, one of the largest IT service providers for social insurance carriers in Germany, announced yesterday that it has suffered a cyber attack. “We very much regret the inconvenience caused to our customers, service providers and insured persons and are working to restore the systems as quickly as possible.”

Insurance

Insurance Data breaches Cyber Attacks Education

US cancer center City of Hope: data breach impacted 827149 individuals

Security Affairs

APRIL 4, 2024

. “While the investigation remains ongoing, the impacted personal information identified thus far varies by individual but may have included name, contact information (e.g., email address, phone number), date of birth, social security number, driver’s license or other government identification, financial details (e.g.,

Data breaches

Data breaches Identity Theft Insurance Banking

Point32Health ransomware attack exposed info of 2.5M people

Security Affairs

JUNE 2, 2023

In April, the non-profit health insurer Point32Health took systems offline in response to a ransomware attack that took place on April 17. The insurer immediately launched an investigation into the incident with the help of third-party cybersecurity experts to determine the extent of the incident. .”

Ransomware

Ransomware Insurance Data breaches Cybersecurity

McLaren Health Care revealed that a data breach impacted 2.2 million people

Security Affairs

NOVEMBER 10, 2023

Exposed information varied by individual and may include some combination of certain individuals’ names, social Security number, health insurance information, date of birth, and medical information. The company recommends impacted individuals to remain vigilant and monitor their bank account activity.

Data breaches

Data breaches Identity Theft Insurance Ransomware

Secure Once, Comply Many

SecureWorld News

OCTOBER 11, 2023

For the last eight-plus years, I've been working as a fractional Chief Information Security Officer (CISO). Before that, I worked as a full-time CISO for an insurance company for seven years. I've redacted the sources, but our customers are offering SaaS and selling to large insurance companies. Here's the first example.

Insurance

Insurance Passwords CISO Cybersecurity

GUEST ESSAY: A guide to implementing best security practices — before the inevitable breach

The Last Watchdog

OCTOBER 29, 2018

The headlines immediately attempted to lay the blame, in large part, on the fact that Equifax’s chief information security officer was a music major and did not have a background in technology. Insurability. Equifax was not special in this regard. Related: How social media is used to spread malware, influence elections.

Data privacy

Data privacy Data breaches Insurance Information Security

Thousands of Humana customers have their medical data leaked online by threat actors

Security Affairs

JULY 21, 2021

Experts found a DB containing sensitive health insurance data belonging to customers of US insurance giant Humana. An SQL database containing what appears to be highly sensitive health insurance data of more than 6,000 patients has been leaked on a popular hacker forum. What was leaked? Drug prescription listings).

Insurance

Insurance Identity Theft Passwords Phishing

Massive MOVEit campaign already impacted at least 1,000 organizations and 60 million individuals

Security Affairs

AUGUST 28, 2023

million Teachers Insurance and Annuity Association of America 2.6 based organizations account for 83.9 based organizations account for 83.9 “The most heavily impacted sectors are finance and professional services and education, which account for 24.3 million Genworth 2.5 million PH Tech 1.7 million “U.S.-based

Insurance

Insurance Data breaches Education Ransomware

The State of Maine disclosed a data breach that impacted 1.3M people

Security Affairs

NOVEMBER 12, 2023

Compromised data may include the Social Security number (SSN), date of birth, driver’s license/state identification number, and taxpayer identification number. The attackers also gained access to medical information and health insurance information of some individuals. based organizations account for 83.9

Data breaches

Data breaches Insurance Identity Theft Education

Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 28, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Cybercrime Spyware Data breaches Antivirus

Toyota Financial Services discloses a data breach

Security Affairs

DECEMBER 11, 2023

TFS offers various financial products, including auto loans, leases, and insurance solutions. The company told them that threat actors gained access to full names, residence addresses, contract information, lease-purchase details, and IBAN (International Bank Account Number).

Financial Services

Financial Services Data breaches Identity Theft Banking

Norton Healthcare disclosed a data breach after a ransomware attack

Security Affairs

DECEMBER 9, 2023

The compromised information varied for each person and could have included: name, contact information, Social Security Number, date of birth, health information, insurance information, and medical identification numbers. Norton Healthcare is offering impacted individuals two years of credit monitoring.

Healthcare

Healthcare Data breaches Ransomware Insurance

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

Security Affairs

NOVEMBER 23, 2023

million Teachers Insurance and Annuity Association of America 2.6 based organizations account for 83.9 based organizations account for 83.9 The most heavily impacted sectors are finance and professional services and education, which account for 24.3 million Genworth 2.5 million PH Tech 1.7 million Milliman Solutions 1.2

Data breaches

Data breaches Hacking Retail Identity Theft

Law firm Orrick data breach impacted 638,000 individuals

Security Affairs

JANUARY 6, 2024

In December 2023, the law firm announced that it was working out a settlement with class action plaintiffs who said their personal information was compromised in a March 2023 data breach.

Data breaches

Data breaches Insurance Technology Government

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

-based cyber intelligence firm Hold Security , KrebsOnSecurity in March told Gunnebo about a financial transaction between a malicious hacker and a cybercriminal group which specializes in deploying ransomware. ” It remains unclear whether the stolen RDP credentials were a factor in this incident.

Hacking

Hacking Ransomware Banking Accountability

US. rail and locomotive company Wabtec hit with Lockbit ransomware

Security Affairs

JANUARY 4, 2023

On December 30, 2022, Wabtec started notifying impacted individuals and encouraged t them remain vigilant against incidents of identity theft and fraud by reviewing their financial account statements and credit reports for any anomalies. ” concludes Wabtec.

Ransomware

Ransomware Identity Theft Insurance Data breaches

Welltok data breach impacted 8.5 million patients in the U.S.

Security Affairs

NOVEMBER 23, 2023

For some of the impacted individuals, threat actors also gained access to Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information. The company has no evidence that any of patients’ information has been misused. based organizations account for 83.9 million “U.S.-based

Data breaches

Data breaches Insurance Healthcare Hacking

26 Cyber Security Stats Every User Should Be Aware Of in 2024

Security Affairs

FEBRUARY 8, 2024

Cyber Insurance: US cyber insurance premiums soared by 50% in 2022, reaching $7.2 million unfilled cyber security jobs, showing a big need for skilled professionals. He holds a degree of Computer Science from Iqra University and specializes in Information Security & Data Privacy. million, up 15% in three years.

Social Engineering

Social Engineering Cyber Attacks Cyber Insurance IoT

Hacker accessed medical info at UMass Memorial Health

Security Affairs

OCTOBER 30, 2021

Threat actors hacked into the employee email system of the UMass Memorial Health healthcare system, potentially accessing the personal information of thousands of patients. The security breach took place between June 2020 and January and impacted more than 209,048 individuals.

Healthcare

Healthcare Insurance Data breaches Hacking

PayPal notifies 34942 users of data breach over credential stuffing attack

Security Affairs

JANUARY 20, 2023

PayPal is sending out data breach notifications to thousands of users because their accounts were compromised through credential stuffing attacks. PayPal announced that 34942 customers’ accounts have been compromised between December 6 and December 8. ” reads the letter sent by the company to the affected customers.

Data breaches

Data breaches Identity Theft Accountability Passwords

VF Corp December data breach impacts 35 million customers

Security Affairs

JANUARY 19, 2024

.” reads a Form 8-K filed with the Securities and Exchange Commission (SEC) on January 18, 2024. ” The company pointed out that it does not store Social Security numbers and financial information in its systems. .” ” concludes the Form 8-K.

Data breaches

Data breaches Retail Insurance Passwords

Ransomware attacks break records in 2023: the number of victims rose by 128%

Security Affairs

JANUARY 19, 2024

The top 10 groups, based on the number of victims, collectively account for 59% of the total victims in 2023. The most active group in 2023: LockBit According to the data presented by the Cybernews research team, 66 active ransomware groups were identified and operating within the digital landscape in 2023.

Ransomware

Ransomware Manufacturing Retail Insurance

Medusa ransomware gang claims the hack of Toyota Financial Services

Security Affairs

NOVEMBER 17, 2023

TFS offers various financial products, including auto loans, leases, and insurance solutions. Leaked sample data includes financial documents, invoices, hashed account passwords, passport scans, and more. It is a subsidiary of Toyota and provides a range of financial services to Toyota customers and dealerships worldwide.

Financial Services

Financial Services Hacking Ransomware Data breaches

Ransomware attack on MGM Resorts costs $110 Million

Security Affairs

OCTOBER 6, 2023

” The Company states that its cybersecurity insurance will cover the financial losses and future expenses, however, the full scope of the costs and related impacts has yet to be determined. The types of impacted information varied by individual.

Ransomware

Ransomware Insurance Banking Hacking

Healthcare system Advocate Aurora Health data breach potentially impacted 3M patients

Security Affairs

OCTOBER 20, 2022

“In an effort to deliver high quality services to its community, Advocate Aurora Health uses the services of several third-party vendors to measure and evaluate information concerning the trends and preferences of its patients as they use our websites. .

Data breaches

Data breaches Healthcare Insurance Accountability

Health insurer Point32Health suffered a ransomware attack

Cyber Insurance and the Changing Global Risk Environment

Webinars

Trending Sources

Safety first: Will insurance companies stall or accelerate cybersecurity progress?

Webinars

As market for cyber insurance booms, watchdog calls for better data

How the ransomware explosion is reshaping the cyber insurance market

American Insurance firm State Farm victim of credential stuffing attacks

How MFA and Cyber Liability Insurance Effectively Manage Risk in Higher Education

Healthcare firm WebTPA data breach impacted 2.5 million individuals

Modernizing Health Care Security with SASE

Australian Firstmac Limited disclosed a data breach after cyber attack

Resolving conflicts between security best practices and compliance mandates

HealthEC data breach impacted more than 4.5 Million people

Many Public Salesforce Sites are Leaking Private Data

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

Mental Health Apps are Likely Collecting and Sharing Your Data

Lockbit ransomware attack on MCNA Dental impacts 8.9M individuals

Thinking About the Future of InfoSec (v2022)

Data Breach at Legal Service Provider May Have Compromised Health Info of 36,000 Patients in Pittsburgh

Ransomware attack on Singing River Health System impacted 895,000 people

German IT provider Bitmarck hit by cyberattack

US cancer center City of Hope: data breach impacted 827149 individuals

Point32Health ransomware attack exposed info of 2.5M people

McLaren Health Care revealed that a data breach impacted 2.2 million people

Secure Once, Comply Many

GUEST ESSAY: A guide to implementing best security practices — before the inevitable breach

Thousands of Humana customers have their medical data leaked online by threat actors

Massive MOVEit campaign already impacted at least 1,000 organizations and 60 million individuals

The State of Maine disclosed a data breach that impacted 1.3M people

Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

Toyota Financial Services discloses a data breach

Norton Healthcare disclosed a data breach after a ransomware attack

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

Law firm Orrick data breach impacted 638,000 individuals

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

US. rail and locomotive company Wabtec hit with Lockbit ransomware

Welltok data breach impacted 8.5 million patients in the U.S.

26 Cyber Security Stats Every User Should Be Aware Of in 2024

Hacker accessed medical info at UMass Memorial Health

PayPal notifies 34942 users of data breach over credential stuffing attack

VF Corp December data breach impacts 35 million customers

Ransomware attacks break records in 2023: the number of victims rose by 128%

Medusa ransomware gang claims the hack of Toyota Financial Services

Ransomware attack on MGM Resorts costs $110 Million

Healthcare system Advocate Aurora Health data breach potentially impacted 3M patients

Stay Connected