Most companies today opt to distribute their employees’ W-2 tax forms electronically; either through email or some type of download service. Because these forms contain a good deal of Personally Identifiable Information (“PII”), such as name, address, social security number and salary information – cyber thieves are using several simple, yet, tried-and-true methods to fraudulently obtain them.
Organizations today must regard cyber breaches not as a possibility, but as an inevitable fact of life. In this environment, it’s crucial to have a cyber liability insurance policy that adequately covers the potential loss and offers payment or reimbursement for response costs. Understanding what’s covered by the policy well before a breach occurs and building that knowledge into your company’s incident response plan is critical.
2016 was a big year for ransomware. It saw a massive increase in ransomware events and payouts to criminals, which, most experts say, only exacerbates the issue.
A 2015 report by the Herjavec Group (an Information Security company) noted that the total cost of ransomware reached $1 billion in 2016. With new “strains” of ransomware spreading worldwide (such as the Russian “spora”), we should all be on high alert for this business-impacting cyber threat.
Back in May 2016 I posted a blog (Be Prepared – Data Breach Notification Laws are Changing), which covered how data breach notification laws were evolving. At that time the state of Tennessee amended its law, becoming the first state in the nation to require notification of any data breach, whether the information is encrypted or not. I also predicted that state laws would most likely become stricter in the not too distant future…
Topics: Breach of Security, California Data Breach Notification Law; Data Brea, Cyber Breach, Cyber Liability, Cyber Risk, Cyber Security, Data Breach, Personally Identifiable Information, PII, Protection Bill AB2828, Risk management, Risk Management Blog
As the world focuses on the outcome of the contentious Presidential race between Trump and Clinton, the US government is on high alert for potential Election Day cyber attacks. The current global cyber climate, this summer’s Russian hack of the Democratic National Committee, and a recent string of Distributed Denial of Service (DDoS) attacks have intelligence officials highly concerned that cyber event(s) could seriously infringe on today’s election process.
Topics: Breach of Security, Cyber Breach, Cyber Insurance, Cyber Risk, Cyber Security, Data Breach, Election Day Cyber Alert, Election Day Cyber Attack, High Alert Election Day Cyber Attack, Risk Management Blog
With the Presidential Election only days away, the question remains: Will the election be hacked? In this case, a cyber breach can lead to two major issues. The first is stolen data of registered voters; the second issue and perhaps the more frightening one – manipulation of the election results.
The Personally Identifiable Information (“PII”) of approximately 10,000 past and present employees of Seagate Technology, a leading electronics and data storage solutions manufacturer, was handed over freely to cybercriminals. The information included W-2 forms, names of beneficiaries, social security numbers of employees and spouses, etc. Needless to say, the impacted people are not thrilled and have brought suit against Seagate for malpractice and a lack of regard for employees affected by the negligent handling of data.
Topics: Breach of Security, Cyber Breach, Cyber Liability, Cyber Risk, Cyber Security, Data Breach, Phishing Scam, Risk Management Blog, Seagate Class Action Suite, Seagate Cyber Attack, Seagate Phishing Scam
In Part 1 of this post, I noted that ransomware events are occurring much more frequently; as many as 4,000 a day since January 1st of 2016. We took a look at some preventative measures that may protect your company and its network/data against a ransomware event.
The U.S. Department of Justice stated that “More than 4,000 ransomware attacks have occurred daily since January 1, 2016. This is a 300 percent increase over the approximately 1,000 attacks per day seen in 2015.”
Essentially, no particular user, company or business sector is safe. Although the Healthcare and Retail industries are targeted for their volume and value of data, home computers may also fall victim to ransomware.
Cisco has released the 2016 Midyear Cybersecurity Report and their findings point to future, more sophisticated types of ransomware that will take full advantage of systems with less than satisfactory security measures, patching practices, and detection rates.