The New York Department of Financial Services, which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No. 2 (2021) regarding “Cyber Insurance Risk Framework”, calling on insurers to take more stringent measures in underwriting cyber risks. In the Guidelines, NYDFS cites the 2020 SolarWinds attack as an example of how managing growing cyber risk is “an urgent challenge for insurers.”
Continue Reading New York Regulators Call on Insurers to Strengthen the Cyber Underwriting Process
Cyber Attack
NY Department of Financial Services Issues Cyber Fraud Alert to Regulated Entities Using Instant Quote Websites
The New York Department of Financial Services has issued a Cyber Fraud Alert to regulated entities in light of a growing campaign to steal Nonpublic Information, as defined under New York law, from public-facing websites that provide instant quotes for products like auto insurance.…
Continue Reading NY Department of Financial Services Issues Cyber Fraud Alert to Regulated Entities Using Instant Quote Websites
CNIL Fines a Data Controller and Its Processor 225,000 Euros for Security Violation in Connection with Credential Stuffing
On January 27, 2021, the French Data Protection Authority announced that it imposed a fine of 150,000 Euros on a data controller, and a fine of 75,000 Euros on its data processor, for failure to implement adequate security measures to protect customers’ personal data against credential stuffing attacks on the website of the data controller. The CNIL decided not to make its decisions public, thereby not disclosing the name of the companies sanctioned.…
Continue Reading CNIL Fines a Data Controller and Its Processor 225,000 Euros for Security Violation in Connection with Credential Stuffing
ICO Fines Ticketmaster 1.25 Million Pounds for Security Failures
On November 13, 2020, the UK Information Commissioner’s Office fined Ticketmaster UK Limited £1.25 million for failing to keep its customers’ personal data secure.…
Continue Reading ICO Fines Ticketmaster 1.25 Million Pounds for Security Failures