Tag: insurance
-
US insurance giant Aflac says hackers stole personal and health data of 22.6 million people
Aflac, one of the largest insurance companies in the U.S., confirmed hackers stole reams of personal data, including Social Security numbers, identity documents, and health information. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/23/us-insurance-giant-aflac-says-hackers-stole-personal-and-health-data-of-22-6-million-people/
-
US insurance giant Aflac says hackers stole personal and health data of 22.6 million
Aflac, one of the largest insurance companies in the U.S., confirmed hackers stole reams of personal data, including Social Security numbers, identity documents, and health information. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/23/us-insurance-giant-aflac-says-hackers-stole-personal-data-of-22-6-million/
-
Best of 2025: Scattered Spider Targets Aflac, Other Insurance Companies
Fresh off a series of recent attacks targeting major retail companies in the United States and the UK, the notorious Scattered Spider cybercrime group is now targeting insurance companies, and earlier this month apparently bagged a high-profile victim in Aflac. The intrusion in Aflac, which was detected June 12 when the insurance company’s security team..…
-
What CISOs should know about the SolarWinds lawsuit dismissal
Responsibility without authority is the real risk: At the heart of the SolarWinds lawsuit was a familiar problem for security leaders: responsibility without authority. The dynamic that caught Tim Brown in the SEC’s jaws is that, despite his experience, seniority, and title, he, like most CISOs, carries tremendous responsibility without any real organizational authority to…
-
What CISOs should know about the SolarWinds lawsuit dismissal
Responsibility without authority is the real risk: At the heart of the SolarWinds lawsuit was a familiar problem for security leaders: responsibility without authority. The dynamic that caught Tim Brown in the SEC’s jaws is that, despite his experience, seniority, and title, he, like most CISOs, carries tremendous responsibility without any real organizational authority to…
-
ISMG Editors’: When KYC No Longer Signals Trust
Also: Cyber Insurers Brace for AI Risk, Shopping Agents Rewrite E-commerce. In this week’s ISMG Editors’ Panel, four editors examine how artificial intelligence is quietly reshaping trust, risk and decision-making, from identity verification and cyber insurance to the rise of AI agents in online shopping. The ISMG Editors’ Panel runs weekly. First seen on govinfosecurity.com…
-
D&O liability protection rising for security leaders, unless you’re a midtier CISO
Tags: access, best-practice, breach, business, ciso, compliance, control, cyber, cybersecurity, data, data-breach, defense, finance, governance, incident response, insurance, jobs, law, network, risk, risk-management, security-incident, toolA question of indemnity: But Ryan Griffin, US cyber leader at insurance broker McGill and Partners, points out that the difference between D&O insurance and a direct indemnification agreement is often misunderstood.”The most crucial tool for a CISO’s protection is the indemnification agreement with their employer,” Griffin explains. “The D&O policy is how the company…
-
D&O liability protection rising for security leaders, unless you’re a midtier CISO
Tags: access, best-practice, breach, business, ciso, compliance, control, cyber, cybersecurity, data, data-breach, defense, finance, governance, incident response, insurance, jobs, law, network, risk, risk-management, security-incident, toolA question of indemnity: But Ryan Griffin, US cyber leader at insurance broker McGill and Partners, points out that the difference between D&O insurance and a direct indemnification agreement is often misunderstood.”The most crucial tool for a CISO’s protection is the indemnification agreement with their employer,” Griffin explains. “The D&O policy is how the company…
-
The 12 Months of Innovation: How Salt Security Helped Rewrite API AI Security in 2025
Tags: access, ai, api, attack, automation, breach, business, ciso, cloud, compliance, control, crowdstrike, cyber, data, data-breach, defense, detection, email, exploit, github, governance, injection, insurance, intelligence, privacy, risk, risk-management, software, strategy, supply-chain, threat, tool, wafAs holiday lights go up and inboxes fill with year-in-review emails, it’s tempting to look back on 2025 as “the year of AI.” But for security teams, it was something more specific the year APIs, AI agents, and MCP servers collided across the API fabric, expanding the attack surface faster than most organizations could keep…
-
How Cyber Insurance MGAs Shape Policies for Evolving Cyber Risks
Managing general agents help insurers navigate sectors where they lack expertise. A cybersecurity policy written by an MGA is more likely to reflect an understanding of the risks CISOs deal with. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/how-cyber-insurance-mga-shape-cyber-risk-policy
-
Youth Sports, NCAA Insurance Claims Potentially Hacked
National Accident Health Says Breach Exposed Medical Info of 181,000 People. A Maine-based third-party administrator that handles healthcare claims involving day care centers, youth sports and NCAA athlete accidents is notifying more than 181,000 individuals that their medical information and personal identifiers may have been accessed or stolen in a hacking incident. First seen on…
-
Ransomware-Bande attackiert Ideal Versicherung
Die Ransomware-Bande Akira hat die Versicherungsgruppe Ideal angegriffen.Auf seiner Webseite informiert das Versicherungsunternehmen Ideal aktuell über einen Cyberangriff. Die Systeme seien vorsorglich vom Netz genommen worden und der Geschäftsbetrieb würde nur noch eingeschränkt funktionieren, heißt es.Die zur Versicherungsgruppe gehörende Ahorn AG ist demnach ebenfalls von dem IT-Ausfall betroffen. Hingegen blieb das Tochterunternehmen myLife Lebensversicherung verschont.…
-
Ransomware-Bande attackiert Ideal Versicherung
Die Ransomware-Bande Akira hat die Versicherungsgruppe Ideal angegriffen.Auf seiner Webseite informiert das Versicherungsunternehmen Ideal aktuell über einen Cyberangriff. Die Systeme seien vorsorglich vom Netz genommen worden und der Geschäftsbetrieb würde nur noch eingeschränkt funktionieren, heißt es.Die zur Versicherungsgruppe gehörende Ahorn AG ist demnach ebenfalls von dem IT-Ausfall betroffen. Hingegen blieb das Tochterunternehmen myLife Lebensversicherung verschont.…
-
Cyberangriff auf Ideal Gruppe: Systeme von Berliner Versicherung kompromittiert
Die auf Alters- und Pflegevorsorgeversicherungen spezialisierte Ideal Gruppe untersucht einen Ransomware-Befall. Der Geschäftsbetrieb ist eingeschränkt. First seen on golem.de Jump to article: www.golem.de/news/cyberangriff-hacker-attackieren-ideal-versicherung-mit-ransomware-2512-203275.html
-
Cyberangriff: Hacker attackieren Ideal Versicherung mit Ransomware
Die auf Alters- und Pflegevorsorgeversicherungen spezialisierte Ideal Gruppe untersucht einen Ransomware-Befall. Der Geschäftsbetrieb ist eingeschränkt. First seen on golem.de Jump to article: www.golem.de/news/cyberangriff-hacker-attackieren-ideal-versicherung-mit-ransomware-2512-203275.html
-
Organizations can now buy cyber insurance that covers deepfakes
Cybersecurity insurer Coalition said it will start covering certain incidents where AI and deepfakes lead to reputational harm. First seen on cyberscoop.com Jump to article: cyberscoop.com/url-coalition-cybersecurity-insurance-coverage-deepfakes-reputational-harm/
-
Organizations can now buy cyber insurance that covers deepfakes
Cybersecurity insurer Coalition said it will start covering certain incidents where AI and deepfakes lead to reputational harm. First seen on cyberscoop.com Jump to article: cyberscoop.com/url-coalition-cybersecurity-insurance-coverage-deepfakes-reputational-harm/
-
23andMe to Get $16.5M in Unused Cyber Insurance
Bankrupt Firm Plans to Use the Settlement Money to Pay Off Cyber Claims. As part of its ongoing Chapter 11 bankruptcy proceedings, 23andMe Holding Co. – now named Chrome Holding – has reached a settlement with its cyber insurers for the carriers to buy back $16.5 million of the consumer genetics testing firm’s unused cyber…
-
Akamai Study Shows Microsegmentation Boosts Security
Microsegmentation no longer remains a buzzword. In today’s threat landscape, organizations are adopting it as a frontline defense against cyberattacks and higher cyber insurance premiums. About 90% of organizations are using some form of segmentation, according to Akamai’s 2025 Segmentation Impact Study. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/akamai-study-shows-microsegmentation-boosts-security-i-5501
-
What security pros should know about insurance coverage for AI chatbot wiretapping claims
AI-powered chatbots raise profound concerns under federal and state wiretapping and eavesdropping statutes that is being tested by recent litigation, creating greater exposure … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/18/stephanie-gee-reed-smith-ai-chatbot-legal-risks/
-
Press Release: CIO100 and CSO30 ASEAN Awards Gala 2025 Celebrate Regional Excellence in Technology Leadership
Tags: ai, business, cio, computer, cyber, cybersecurity, defense, finance, framework, group, healthcare, insurance, intelligence, international, resilience, service, technologyThe CIO100 and CSO30 ASEAN and Hong Kong Awards Gala on November 12, 2025, delivered a powerful validation of the region’s technology leadership maturity. CIO ASEAN and CSO ASEAN had the privilege of hosting an evening that brought together the most elite CIO100 and CSO30 award winners, and technology teams from Singapore, Malaysia, Indonesia, Vietnam,…
-
Press Release: CIO100 and CSO30 ASEAN Awards Gala 2025 Celebrate Regional Excellence in Technology Leadership
Tags: ai, business, cio, computer, cyber, cybersecurity, defense, finance, framework, group, healthcare, insurance, intelligence, international, resilience, service, technologyThe CIO100 and CSO30 ASEAN and Hong Kong Awards Gala on November 12, 2025, delivered a powerful validation of the region’s technology leadership maturity. CIO ASEAN and CSO ASEAN had the privilege of hosting an evening that brought together the most elite CIO100 and CSO30 award winners, and technology teams from Singapore, Malaysia, Indonesia, Vietnam,…
-
Your passwordless future may never fully arrive
Tags: access, api, attack, authentication, breach, ceo, ciso, cloud, compliance, credentials, cyber, cybersecurity, group, infrastructure, insurance, mfa, network, passkey, password, risk, service, strategy, technology, vpn, zero-trustAll-in passwordless strategies fall short: Jim Taylor, chief product and strategy officer at RSA, says today’s enterprise environment and existing passwordless approaches make “100% passwordless not possible just yet,” adding that “85% is possible, with the 15% representing the complicated and the very specialized” needs such as “security admins who need to log in to…