Good day. First American Title Insurance Co. allegedly violated New York cybersecurity rules by exposing individuals’ Social Security numbers and other sensitive data, WSJ Pro’s James Rundle and Dylan Tokar report. The title company said it will fight charges filed against it by a New York regulator, pointing to an assessment by the insurance regulator in its home state of Nebraska that found adequate technology controls in place. The outcome will be notable, as this is the first case brought under New York rules that debuted more than three years ago.
Also today: Canadian government agencies suspend fingerprinting temporarily; Ancestry.com data exposed; and U.S. cyber agency bolsters health-care security expertise.
Follow @WSJCyber on Twitter.
Cybersecurity Compliance
New York regulator charges
First American
unit over 2019 data breach. The New York State Department of Financial Services alleged that First American Title Insurance Co., the second-largest real-estate title insurer in the U.S., exposed hundreds of millions of documents containing sensitive information such as Social Security numbers and bank account information over several years.
It is the first enforcement action by the regulator under rules that debuted in 2017 requiring banks and other financial services companies to maintain cybersecurity protections.
The data exposure stemmed from flaws in a document-management system that allowed anyone to view files without needing passwords or other security measures, DFS said.
“First American strongly disagrees with the New York Department of Financial Services’ charges,” the company said in a statement. A spokesman said the company will contest the charges. First American Title Insurance is a unit of First American Financial Corp.
DFS has set a hearing for Oct. 26.
Read the full article.
More Cyber News
Canadian government relaxes fingerprint rules during pandemic. Some agencies in Canada’s national government are forgoing the fingerprinting of new hires while social-distancing rules are in place, allowing conditional security clearances to be granted, The Outlook reports. The government has had to hire quickly to meet emergency needs during the coronavirus outbreak and distancing requirements have inhibited collecting fingerprints in some cases. Other aspects of security checks continue, including verifying identities and credit histories.
Ancestry.com data exposed. Genealogy information for about 60,000 individuals was at risk because of a problem with a server used in the construction of online family trees for users of Ancestry.com, ThreatPost reports. Soon after a cybersecurity researcher notified Software MacKiev, which is the company that runs the family-tree software, that the server was exposed to the public internet, the problem was fixed. About 25 gigabytes of information was potentially compromised, including email addresses and user locations.
DHS cyber agency bolsters health-care security expertise. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency recently hired Josh Corman, an expert in protecting medical devices formerly with
IBM
,
CyberScoop reports. CISA also is expected to bring on board Rob Arnold, former chief executive of Threat Sketch LLC, to focus on pandemic-related security risks in critical infrastructure. Beau Woods, who was recently in cybersecurity at the U.S. Food and Drug Administration, is also due to join CISA. Federal authorities have warned of attempts from Russia and China to hack medical and research facilities working on coronavirus treatments.
%%
source https://jobsearchtips.net/cyber-daily-first-american-unit-to-fight-charges-of-security-lapses-ancestry-com-data-exposed/
No comments:
Post a Comment