New York state sued Allstate on Monday, accusing the insurer’s National General unit of failing to report a data breach that exposed drivers’ license numbers, and not developing reasonable safeguards to protect policyholders’ private information.
The lawsuit by New York Attorney General Letitia James was filed in a state court in Manhattan, and seeks civil fines. Allstate did not immediately respond to a request for comment.
Read more…
Source: USA TODAY
Related:
- GM credential stuffing attack exposed car owners’ personal info
May 24, 2022
US car manufacturer GM disclosed that it was the victim of a credential stuffing attack last month that exposed some customers’ information and allowed hackers to redeem rewards points for gift cards. General Motors operates an online platform to help owners of Chevrolet, Buick, GMC, and Cadillac vehicles manage their bills, services, and redeem rewards points. Car ...
- UK privacy watchdog fines Clearview AI £7.5m and orders UK data to be deleted
May 24, 2022
The Information Commissioner’s Office (ICO) has fined controversial facial recognition company Clearview AI £7.5 million ($9.4 million) for breaching UK data protection laws and has issued an enforcement notice ordering the company to stop obtaining and using data of UK residents, and to delete the data from its systems. In its finding, the ICO detailed how ...
- Ransomware attack exposes data of 500,000 Chicago students
May 21, 2022
The Chicago Public Schools has suffered a massive data breach that exposed the data of almost 500,000 students and 60,000 employee after their vendor, Battelle for Kids, suffered a ransomware attack in December. Ohio-based Battelle for Kids is a not-for-profit educational organization that analyzes student data shared by public school systems to design instructional models and ...
- Third-party web trackers log what you type before submitting
May 16, 2022
An extensive study looking into the top 100k ranking websites has revealed that many are leaking information you enter in the site forms to third-party trackers before you even press submit. This leaked data includes personal identifiers, email addresses, usernames, passwords, or even messages entered into forms and then deleted and never actually submitted. This data leak ...
- Engineering firm Parker discloses data breach after ransomware attack
May 16, 2022
The Parker-Hannifin Corporation announced a data breach exposing employees’ personal information after the Conti ransomware gang began publishing allegedly stolen data last month. Parker is an Ohio-based corporation specializing in advanced motion and control technologies, with a strong focus in aerospace hydraulic equipment. It has a revenue of $15.6 billion and employs over 58,000 people. Parker-Hannifin says ...
- Ukrainian crook jailed in US for selling thousands of stolen login credentials
May 13, 2022
A Ukrainian man has been sentenced to four years in a US federal prison for selling on a dark-web marketplace stolen login credentials for more than 6,700 compromised servers. Glib Oleksandr Ivanov-Tolpintsev, 28, was arrested by Polish authorities in Korczowa, Poland, on October 3, 2020, and extradited to America. He pleaded guilty on February 22, and ...