Accountability, Insurance and Risk - Cyber Security Informer

Report Finds 50% of Scattered Spider Phishing Domains Targeted Finance & Insurance

Digital Shadows

JANUARY 22, 2025

Were thrilled to unveil our latest threat landscape report for the finance and insurance sector, offering in-depth analysis of the evolving cyber threats facing this industry. In this industry, a single compromised account can trigger large-scale phishing campaigns, causing reputational damage, financial losses, and regulatory penalties.

Insurance

Insurance Phishing Social Engineering Engineering

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Unisys, for instance, was found to have framed cyber risks hypothetically even though its systems had already been breached, exfiltrating gigabytes of data. But the SEC’s latest actions underscore that failing to inform stakeholders about material risks and breaches is not an option. Addressing this root cause must be a priority.

CISO

CISO CSO Risk Cyber threats

DNA testing company vanishes along with its customers’ genetic data

Malwarebytes

NOVEMBER 12, 2024

All the company’s social media accounts haven’t been updated since 2023 at the latest. So, even if a company has good intentions, there is still a risk of your genetic data being linked to your personally identifiable information (PII). The BBC reports it tried several methods to reach the company but failed in this effort.

Insurance

Insurance Accountability Risk Data breaches

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

The Last Watchdog

JULY 13, 2023

London, July 13, 2023 — Beazley, the leading specialist insurer, today published its latest Risk & Resilience report: Spotlight on: Cyber & Technology Risks 2023. Yet, boardroom focus on cyber risk appears to be diminishing. trillion by 2025, a 300% increase since 2015 1.

Cyber Risk

Cyber Risk Risk Insurance Energy and Utilities

Credit Reporting Companies Put Customer Data at Risk

Adam Levin

MAY 19, 2021

Experian, 2013 – 2015: Hackers stole a trove of information from T-Mobile customers whose data had passed through Experian to check credit there and open a new account. Many companies now offer insurance policies that can help you recoup lost money, and even help you through the reporting and recovery process. Takeaways .

Risk

Risk Identity Theft Data breaches VPN

Healthcare Now Third-Most Targeted Industry for Ransomware

SecureWorld News

NOVEMBER 14, 2024

Significant Financial and Operational Costs: Healthcare providers, faced with potential HIPAA fines and the risk of service interruptions, may feel pressured to pay ransom demands. This stolen data is often exposed on both the clear and dark web, heightening risks of identity theft and further perpetuating cybercrime.

Healthcare

Healthcare Ransomware Identity Theft Data breaches

Cyber Insurance and the Changing Global Risk Environment

Security Affairs

APRIL 22, 2022

When security fails, cyber insurance can become crucial for ensuring continuity. This shift to digital technology has created a new class of digital risks that are constantly evolving and strike faster and often with more severity than traditional risks. Evolving global risk environment alters the cyber insurance landscape.

Cyber Insurance

Cyber Insurance Insurance Risk Technology

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

eSecurity Planet

MAY 27, 2021

The explosion of ransomware and similar cyber incidents along with rising associated costs is convincing a growing number of insurance companies to raise the premiums on their cyber insurance policies or reduce coverage, moves that could further squeeze organizations under siege from hackers. Insurers Assessing Risks.

Cyber Insurance

Cyber Insurance Insurance Cyber Attacks Ransomware

Top 8 Cyber Insurance Companies for 2022

eSecurity Planet

APRIL 22, 2022

That’s where cyber insurance may be able to help. For that reason, most experts now recognize that a complete cybersecurity strategy not only includes technological solutions aimed at preventing, detecting, and mitigating attacks, it should also include cyber insurance to help manage the associated financial risks. That’s a 29.1%

Cyber Insurance

Cyber Insurance Insurance Marketing Small Business

Masterclass in CIAM for Insurance: Balancing Security, Experience, and Consent

IT Security Guru

AUGUST 7, 2024

The insurance industry is experiencing a significant transformation fuelled by the ubiquity of digital technologies. As these solutions gain traction in this sector, they add complexity to a regulatory landscape that insurance firms need to navigate, especially when it comes to Customer Identity and Access Management (CIAM).

Insurance

Insurance Data collection Authentication Technology

Top Cybersecurity Trends to Watch Out For in 2025

Centraleyes

DECEMBER 16, 2024

Tools like ChatGPT and Bard, powered by large language models, showcase how generative AI transforms business processesbut they also pose new risks. In a recent survey, 93% of respondents admitted to knowingly increasing their companys cybersecurity risks. The challenge? Securing these AI models and the data they generate.

Cybersecurity

Cybersecurity Insurance Cyber Insurance Risk

The Evolving Role of Cyber Insurance in Mitigating Ransomware Attacks

SecureWorld News

MARCH 20, 2024

In this regard, many have touted cyber insurance as the knight in shining armor, the end all-be all in terms of mitigating criminals' assaults on your network. On top of this, a significant 41% of victims opted to pay the ransom, which is a difficult decision that's fraught with its own respective complexities and risks.

Cyber Insurance

Cyber Insurance Insurance Ransomware Risk

Dental group lied through teeth about data breach, fined $350,000

Malwarebytes

JANUARY 6, 2025

Westend Dental agreed to settle several violations of the Health Insurance Portability and Accountability Act (HIPAA) in a penalty of $350,000. Nothing showed evidence that a HIPAA-compliant risk analysis had ever been conducted (lists of usernames and passwords in plain text on the compromised server).

Data breaches

Data breaches Ransomware Passwords Insurance

Safety first: Will insurance companies stall or accelerate cybersecurity progress?

SC Magazine

FEBRUARY 8, 2021

Every time a driver buckles up or an airbag is deployed we see the powerful influence of the insurance companies who insisted those measures become mandatory. Now, those insurers are poised to drive cybersecurity investment by insisting that organizations meet certain criteria to qualify for coverage. A maturing model.

Insurance

Insurance Cybersecurity Cyber Insurance Government

Scant evidence that cyber insurance boom is leading to better security

SC Magazine

JUNE 28, 2021

The rise of the cyber insurance has largely failed to promote better cybersecurity practices among the industries they cover, according to a new report released Monday from British security think tank RUSI. Growing losses from ransomware attacks have…emphasized that the current reality is not sustainable for insurers either.

Cyber Insurance

Cyber Insurance Insurance Ransomware Marketing

Anti-Ransomware Company Exagrid Pays $2.6 Million Ransom

Adam Levin

JUNE 4, 2021

Practice the 3Ms: Minimize your risk of exposure: Don’t take unnecessary risks and invest in cyber defenses and education. Monitor networks and accounts: Unusual activity may be a sign that a cyberattack is underway.

Ransomware

Ransomware Backups Insurance Healthcare

Why DSPM is Essential for Achieving Data Privacy in 2024

Security Affairs

OCTOBER 23, 2024

It becomes increasingly difficult to gain complete visibility or transparency that could help security and privacy teams discover sensitive data, identify its security and compliance postures, and mitigate risks. To add to the difficulty, the advent of Generative AI (GenAI) has brought unprecedented security and privacy risks.

Data privacy

Data privacy Unstructured Data Risk Data breaches

CISA Order Highlights Persistent Risk at Network Edge

Krebs on Security

JUNE 15, 2023

TechCrunch has been tracking the fallout from victim organizations , which range from banks and insurance providers to universities and healthcare entities. MOVEit parent Progress Software has since released security updates to address the weakness, but Cl0p claims to have already used it to compromise hundreds of victim organizations.

Risk

Risk VPN Internet Internet

Experian API Exposed Credit Scores of Most Americans

Krebs on Security

APRIL 28, 2021

In addition to credit scores, the Experian API returns for each consumer up to four “risk factors,” indicators that might help explain why a person’s score is not higher. “Too many consumer finance company accounts,” the API concluded about my friend’s score. .

Insurance

Insurance Identity Theft Accountability Technology

Sperm bank breach deposits data into hands of cybercriminals

Malwarebytes

MARCH 19, 2025

The information potentially involved varies by customer but includes names and one or more of the following: Drivers license numbers Bank account and routing numbers. Social Security Numbers (SSN) Health insurance information CCB is posting lettersalong the lines of this California example to everyone who may be impacted.

Banking

Banking Data breaches Computers and Electronics Passwords

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

This shift is expected to place significant pressure on organizations that haven’t yet developed trusted data to manage risk effectively. To mitigate risks, businesses will invest in modern, privacy-enhancing technologies (PETs), such as trusted execution environments (TEEs) and fully homomorphic encryption (FHE).

Cybersecurity

Cybersecurity CISO Risk Government

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

Krebs on Security

NOVEMBER 19, 2021

One of the more common ways cybercriminals cash out access to bank accounts involves draining the victim’s funds via Zelle , a “peer-to-peer” (P2P) payment service used by many financial institutions that allows customers to quickly send cash to friends and family.

Scams

Scams Banking Passwords Authentication

4 ways businesses can save money on cyber insurance

Malwarebytes

JULY 10, 2022

Without cyber insurance , you can expect to pay a dizzying amount of cash. In 2022 alone, the average cost of a data breach for businesses under 1,000 employees was close to $3 million—and these costs are coming from activities that cyber insurers typically cover, such as detecting and responding to the breach. Fixed rate.

Cyber Insurance

Cyber Insurance Insurance Data breaches Phishing

Cyber and Privacy Risks for Real Estate Enterprises

SecureWorld News

JANUARY 31, 2024

Cyber risk is an existential issue for companies of all sizes and in all industries. However, it also exposes companies to additional layers of risk. However, it also exposes companies to additional layers of risk. All stakeholders, including insurers, need to understand whose cyber insurance policy responds to an incident.

Risk

Risk Cyber Insurance Insurance Data breaches

Telehealth Hazard? HHS Loosens HIPAA Standards for Telemedicine

Adam Levin

MARCH 18, 2020

“The current pandemic is pushing the entire medical industry to minimize risk,” he added. In response to this potential problem, the department of Health and Human Services has waived penalties and loosened some of the requirements of the act.

Insurance

Insurance Healthcare Accountability Technology

Types of Risk Assessment Methodologies: Choosing the Right Approach for Your Needs

Centraleyes

MARCH 17, 2025

Every organization faces risks that threaten its objectives, assets, and operations. A risk assessment is the foundation for identifying, analyzing, and prioritizing these risks. Understanding the basics of risk assessment is the first step in building a resilient and proactive strategy to mitigate risks and vulnerabilities.

Risk

Risk Insurance Small Business Cybersecurity

The Case for Limiting Your Browser Extensions

Krebs on Security

MARCH 3, 2020

Last week, KrebsOnSecurity reported to health insurance provider Blue Shield of California that its Web site was flagged by multiple security products as serving malicious content. How did a browser extension lead to a malicious link being added to the health insurance company Web site?

Advertising

Advertising Insurance Internet Internet

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches

Data breaches Cybercrime Cyber Insurance Marketing

New AI “agents” could hold people for ransom in 2025

Malwarebytes

FEBRUARY 4, 2025

And yet, if artificial intelligence achieves what is called an agentic model in 2025, novel and boundless attacks could be within reach, as AI tools take on the roles of agents that independently discover vulnerabilities, steal logins, and pry into accounts. These are real threats, but they are not novel.

Artificial Intelligence

Artificial Intelligence Small Business Malware Technology

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Webroot

MARCH 3, 2025

The event is sponsored by the Federal Trade Commission (FTC), and other participating agencies include the Federal Deposit Insurance Corporation (FDIC), AARP , and the Better Business Bureau (BBB). The growing risks to your data During the third quarter of 2024, data breaches exposed more than 422 million records worldwide.

Consumer Protection

Consumer Protection Identity Theft Scams Social Engineering

The Need to Simplify Compliance Risk Control Implementation

Security Boulevard

AUGUST 31, 2021

Organizations around the world must fulfill an increasing number of regulatory requirements including NIST, Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI-DSS) and General Data Protection Regulation (GDPR) as well as federal and state data breach laws.

Risk

Risk Data breaches Healthcare Financial Services

Business ID Theft Soars Amid COVID Closures

Krebs on Security

JULY 27, 2020

. “The ferocity of cyber criminals to take advantage of COVID-19 uncertainties by preying on small businesses is disturbing,” said Andrew LaMarca , who leads the global high-risk and fraud team at Dun & Bradstreet. For the past several months, Milwaukee, Wisc. ” PHANTOM OFFICES. ” RECYCLING VICTIMS. .

Identity Theft

Identity Theft Small Business Energy and Utilities Computers and Electronics

Robocall Legal Advocate Leaks Customer Data

Krebs on Security

AUGUST 3, 2020

Use our robust API to seamlessly scrub these high-risk numbers from your outbound campaigns and inbound calls, or adjust your suppression settings to fit your individual requirements and appetite for risk.” Scrub against active plaintiffs, pre litigation complainers, active attorneys, attorney associates, and more.

Mobile

Mobile Marketing Consumer Protection Wireless

“We will hold them accountable”: General Motors sued for selling customer driving data to third parties

Malwarebytes

AUGUST 20, 2024

million Texans’ private driving data to insurance companies without their knowledge or consent. We will hold them accountable.” GM had agreements with various companies which allowed them to the driving data to calculate a driving score based on risk analysis. The court filing provides some more detail.

Insurance

Insurance Accountability Data collection Surveillance

COVID-19 Vaccination Management Problems Have Created a Privacy Nightmare For Americans – Even Without Vaccine Passports

Joseph Steinberg

APRIL 20, 2021

Hospitals, medical clinics, labs, pharmacies, insurance companies, and others involved in the vaccination process often require people who want to be vaccinated to share large amounts of both medical and demographic data in order to register for vaccine appointments. Provide as little information as possible to vaccinators.

Healthcare

Healthcare Insurance Computers and Electronics Data collection

MSPs: Becoming the Trusted Cyber Insurance Advisor

Duo's Security Blog

FEBRUARY 4, 2025

With the rate that new threats emerge, it may come as no surprise that cyber liability insurance can be traced back to 1997. In its modern iteration, cyber liability insurance mitigates the losses and business costs associated with cyber incidents and resulting downtime. What would an insurer do? At least not alone.

Cyber Insurance

Cyber Insurance Insurance Authentication Risk

Senators Urge FTC to Probe ID.me Over Selfie Data

Krebs on Security

MAY 18, 2022

for “deceptive statements” the company and its founder allegedly made over how they handle facial recognition data collected on behalf of the Internal Revenue Service , which until recently required anyone seeking a new IRS account online to provide a live video selfie to ID.me. would be permanently deleted.

Government

Government Accountability Surveillance Data collection

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

The CLOP members said one tried-and-true method of infecting healthcare providers involved gathering healthcare insurance and payment data to use in submitting requests for a remote consultation on a patient who has cirrhosis of the liver. Encrypting sensitive data wherever possible. ”

Healthcare

Healthcare Backups Ransomware Insurance

AI in the Enterprise: Key Findings from the ThreatLabz 2025 AI Security Report

Security Boulevard

MARCH 20, 2025

It examines the rising risks associated with AI, from cybercriminals weaponizing AI for more sophisticated attacks to the security implications of recent AI advancements like the open source model DeepSeek, while providing best practices for mitigating these risks.This blog post summarizes several highlights from the report.

Social Engineering

Social Engineering Phishing Risk Insurance

Wind turbines and lightning very very frightening – and cyber security

Javvad Malik

FEBRUARY 27, 2023

According to a German study, lightning strikes accounted for 80% of wind turbine insurance claims. The German electric power company Energieerzeugungswerke Helgoland GmbH shut down and dismantled their Helgoland Island wind power plant after being denied insurance against further lightning losses.

Insurance

Insurance Social Engineering Manufacturing Cybercrime

MY TAKE: Coping with security risks, compliance issues spun up by ‘digital transformation’

The Last Watchdog

AUGUST 22, 2019

The Capital One breach demonstrated, yet again, that well-defended enterprises have yet to figure out how to account for all the complexities of moving to the cloud and relying more on DevOps. The massive transformation that’s happening right now introduces a lot of risk. it’s almost a perfect storm.

Digital transformation

Digital transformation Risk Firewall Accountability

5 Ways Businesses Can Stay Ahead of Cybersecurity Attacks

CyberSecurity Insiders

SEPTEMBER 20, 2021

They protect your electronic devices and accounts from hackers. In addition, regularly changing your password and using different passwords for all your online accounts will lower your risk of being compromised. Invest in cybersecurity insurance. Use strong passwords. Passwords are your first line of defense.

Cybersecurity

Cybersecurity Insurance Passwords Encryption

Hidden Costs of Cybersecurity: Balancing Risk, Complexity & Efficiency

SecureWorld News

OCTOBER 21, 2024

In contrast, more mature organizations quantify risk, comparing the original risk against the cost of the solution and the residual risk after deployment to decide whether to proceed with the purchase. Some focus on the solution's problem-solving capabilities, suitability, and efficacy.

Risk

Risk Cybersecurity Antivirus Authentication

Ensuring Data Security in Global Talent Outsourcing: Strategies for Mitigating Risks

SecureWorld News

JULY 3, 2024

However, this trend also introduces significant data security risks that cannot be overlooked. To navigate the complexities of global talent outsourcing while safeguarding valuable data, organizations must adopt a proactive and comprehensive approach to risk mitigation. Unauthorized access to sensitive data 1.

Risk

Risk Data breaches Penetration Testing Encryption

Report Finds 50% of Scattered Spider Phishing Domains Targeted Finance & Insurance

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Trending Sources

DNA testing company vanishes along with its customers’ genetic data

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

Credit Reporting Companies Put Customer Data at Risk

Healthcare Now Third-Most Targeted Industry for Ransomware

Cyber Insurance and the Changing Global Risk Environment

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

Top 8 Cyber Insurance Companies for 2022

Masterclass in CIAM for Insurance: Balancing Security, Experience, and Consent

Top Cybersecurity Trends to Watch Out For in 2025

The Evolving Role of Cyber Insurance in Mitigating Ransomware Attacks

Dental group lied through teeth about data breach, fined $350,000

Safety first: Will insurance companies stall or accelerate cybersecurity progress?

Scant evidence that cyber insurance boom is leading to better security

Anti-Ransomware Company Exagrid Pays $2.6 Million Ransom

Why DSPM is Essential for Achieving Data Privacy in 2024

CISA Order Highlights Persistent Risk at Network Edge

Experian API Exposed Credit Scores of Most Americans

Sperm bank breach deposits data into hands of cybercriminals

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

4 ways businesses can save money on cyber insurance

Cyber and Privacy Risks for Real Estate Enterprises

Telehealth Hazard? HHS Loosens HIPAA Standards for Telemedicine

Types of Risk Assessment Methodologies: Choosing the Right Approach for Your Needs

The Case for Limiting Your Browser Extensions

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

New AI “agents” could hold people for ransom in 2025

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

The Need to Simplify Compliance Risk Control Implementation

Business ID Theft Soars Amid COVID Closures

Robocall Legal Advocate Leaks Customer Data

“We will hold them accountable”: General Motors sued for selling customer driving data to third parties

COVID-19 Vaccination Management Problems Have Created a Privacy Nightmare For Americans – Even Without Vaccine Passports

MSPs: Becoming the Trusted Cyber Insurance Advisor

Senators Urge FTC to Probe ID.me Over Selfie Data

New Ransom Payment Schemes Target Executives, Telemedicine

AI in the Enterprise: Key Findings from the ThreatLabz 2025 AI Security Report

Wind turbines and lightning very very frightening – and cyber security

MY TAKE: Coping with security risks, compliance issues spun up by ‘digital transformation’

5 Ways Businesses Can Stay Ahead of Cybersecurity Attacks

Hidden Costs of Cybersecurity: Balancing Risk, Complexity & Efficiency

Ensuring Data Security in Global Talent Outsourcing: Strategies for Mitigating Risks

Stay Connected