LifeLabs Paid Hackers to Recover Stolen Medical Data of 15 Million Canadians

LifeLabs, the largest provider of healthcare laboratory testing services in Canada, has suffered a massive data breach that exposed the personal and medical information of nearly 15 million Canadians customers.

The company announced the breach in a pr… Continue reading LifeLabs Paid Hackers to Recover Stolen Medical Data of 15 Million Canadians

The Future of Cybersecurity Insurance

Cybersecurity incidents and data breaches have become a normal part of the news cycle. It feels like every day you hear about a big corporation or organization suffering an attack that has put customer or user data in jeopardy. Sometimes this is becaus… Continue reading The Future of Cybersecurity Insurance

AIG subsidiary tells court it’s not responsible for Landry’s legal costs in $20 million lawsuit filed after breach

An insurance company is arguing in court it should not be responsible for covering a $20 million lawsuit filed in connection with a data breach at a national restaurant and hospitality chain. The Insurance Company of the State of Pennsylvania, an AIG subsidiary, argued in the U.S. Court of Appeals for the Fifth Circuit on Nov. 25 that it does not need to fund a legal defense for the Landry’s restaurant chain following a breach uncovered in 2015. JP Morgan Chase and its payment processing arm, Paymentech, filed suit in 2018 against Landry’s, alleging the company has failed to compensate the bank for breach-related costs. Chase accused Landry’s, which operates Bubba Gump Shrimp, Rainforest Café and Joe’s Crab Shack locations, among others, of failing to reimburse the bank for post-breach assessments conducted by Visa and Mastercard. Hackers spent months lurking inside Landry’s systems from 2014 to 2015, accessing customers’ payment […]

The post AIG subsidiary tells court it’s not responsible for Landry’s legal costs in $20 million lawsuit filed after breach appeared first on CyberScoop.

Continue reading AIG subsidiary tells court it’s not responsible for Landry’s legal costs in $20 million lawsuit filed after breach

Developing Cybersecurity Muscle Memory with Table Top Sessions

The post Developing Cybersecurity Muscle Memory with Table Top Sessions appeared first on CCSI.
The post Developing Cybersecurity Muscle Memory with Table Top Sessions appeared first on Security Boulevard.
Continue reading Developing Cybersecurity Muscle Memory with Table Top Sessions

Norsk Hydro’s cyber insurance has paid just a fraction of its breach-related losses so far

Norsk Hydro received an insurance payout of $3.6 million following a highly publicized cyberattack earlier this year, the company revealed in its third quarter earnings report. The insurance payout represents about 6% of the $60 million to $71 million in costs created by the incident through the third quarter, the company said. The Norwegian aluminum and energy giant expects more compensation will come as more costs are totaled. Norsk Hydro, which had a market capitalization of $12 billion last year, said after the attack in March that its policy, led by AIG, was “solid.” The company said it was struck with a large ransomware attack that started in its U.S. facilities then spread. It wasn’t until summer when Norsk Hydro determined the situation was stable. Incident responders determined the ransomware strain was LockerGoga, which has haunted the industrial sector. Norsk Hydro did not pay the ransom demand, deciding instead to restore its systems from digital backups. The firm also […]

The post Norsk Hydro’s cyber insurance has paid just a fraction of its breach-related losses so far appeared first on CyberScoop.

Continue reading Norsk Hydro’s cyber insurance has paid just a fraction of its breach-related losses so far

Why are cyber insurers incentivizing clients to invest in specific vendors?

The cyber insurance industry is taking baby steps away from a long and messy infancy. For the hundreds of companies that offer policies, toddlerhood is here, and it means exerting more influence over how clients protect their networks and information. For years, headlines have fixated on how big firms like AIG and Zurich have been locked in legal disputes over specific claims, but insurers are now trying to be more proactive with customers. The smartest approach for everyone, they say, is to prevent breaches from happening in the first place. Key to that, and saving money, is trying to identify the products that are most effective. Marsh, the global insurance broker and risk adviser, last month published its first list of Cyber Catalyst-designated products, a tag given to 17 services that a group of insurance firms say its clients should consider, including offerings like FireEye’s Endpoint tool and CrowdStrike penetration testing service. Insurers for years have assessed security products, […]

The post Why are cyber insurers incentivizing clients to invest in specific vendors? appeared first on CyberScoop.

Continue reading Why are cyber insurers incentivizing clients to invest in specific vendors?

AIG says its cyber insurance plans don’t cover criminal acts; wants lawsuit tossed

Insurance giant AIG argued to a New York federal court on Monday that it is not responsible to cover nearly $6 million in losses incurred by a client that was victimized by suspected Chinese hackers. The company asked a court in the Southern District of New York to dismiss a lawsuit filed in August by SS&C Technologies, a $6 billion financial technology company, which alleged that AIG violated its contract by failing to cover losses from fraud. Hackers fleeced SS&C out of $5.9 million in 2016 by emailing company employees from spoofed email addresses, and requesting monetary transfers. AIG says its policy stipulates that the insurer will not cover losses stemming from criminal activity. “SS&C admits that it has filed suit seeking indemnity coverage for its settlement of a breach of contract claim concerning criminals using ‘spoof emails’ to trick SS&C into improperly using its authority over its client’s bank […]

The post AIG says its cyber insurance plans don’t cover criminal acts; wants lawsuit tossed appeared first on CyberScoop.

Continue reading AIG says its cyber insurance plans don’t cover criminal acts; wants lawsuit tossed

Arceo.ai raises $37 million to expand cyber insurance coverage and access

Critical cyber attacks on both businesses and individuals have been grabbing headlines at an alarming rate. Cybersecurity has moved from a background risk for enterprises to a critical day-to-day threat to business operations, forcing executive teams to pour time and hundreds of billions in capital into monitoring and prevention efforts. Yet even as investment in […] Continue reading Arceo.ai raises $37 million to expand cyber insurance coverage and access

Amazon launches Amazon Care, a virtual and in-person healthcare offering for employees

Amazon has gone live with Amazon Care, a new pilot healthcare service offering that is initially available to its employees in and around the Seattle area. The Amazon Care offering includes both virtual and in-person care, with telemedicine via app, chat and remote video, as well as follow-up visits and prescription drug delivery in person […] Continue reading Amazon launches Amazon Care, a virtual and in-person healthcare offering for employees

Shareholders allege FedEx covered up damages caused by NotPetya attack

FedEx shareholders are accusing the company’s executives of failing to disclose the full extent of the NotPetya ransomware attack while also selling tens of millions of dollars worth of their own stock in the company, according to a lawsuit filed last week. Stock owners filed a lawsuit on Sept. 17 alleging that FedEx brass provided “materially false and misleading statements” about the ransomware attack that locked up systems at company subsidiary TNT Express more than two years ago. NotPetya wreaked havoc on corporate giants including Maersk, the British advertising firm WPP and the pharmaceutical conglomerate Merck. The White House blamed Russia for the attack, which caused more than $10 billion in damages and spurred a number of high profile lawsuits in the private sector. In this case, the suit alleges FedEx failed to inform its shareholders that TNT Express customers were abandoning the company in favor of other logistics providers […]

The post Shareholders allege FedEx covered up damages caused by NotPetya attack appeared first on CyberScoop.

Continue reading Shareholders allege FedEx covered up damages caused by NotPetya attack