New York state sued Allstate on Monday, accusing the insurer’s National General unit of failing to report a data breach that exposed drivers’ license numbers, and not developing reasonable safeguards to protect policyholders’ private information.
The lawsuit by New York Attorney General Letitia James was filed in a state court in Manhattan, and seeks civil fines. Allstate did not immediately respond to a request for comment.
Read more…
Source: USA TODAY
Related:
- Lazada confirms 1.1M accounts compromised in RedMart security breach
October 30, 2020
Singapore-based online grocery platform RedMart has suffered a data breach that compromised personal data of 1.1 million accounts. An individual has claimed to be in possession of the database involved in the breach, which contains various personal information such as mailing addresses, encrypted passwords, and partial credit card numbers. RedMart customers on Friday were logged out ...
- Hacker releases Georgia county’s election-related files
October 29, 2020
Hackers on Tuesday released a sample of stolen election-related documents from networks in Hall County, Ga., as part of their efforts to pressure county officials into paying a ransom for control of the files. The Wall Street Journal reported that the batch of files, which were largely administrative and nonsensitive in nature, came as part of ...
- Singapore’s worst-ever data breach prompted the nation to bolster its cyber defences
October 26, 2020
In 2018, Singapore suffered its worst ever data breach when inadequate cybersecurity at SingHealth saw a quarter of the population’s medical records stolen. The subsequent official review recommended remedies that should already be basic security policies. Two years after the SingHealth hack, Singapore’s cybersecurity is being improved by everything from the fintech-oriented @-Wise Cybersecurity Centre of Excellence ...
- Data watchdog issues biggest ever fine over airline cyberattack
October 16, 2020
British Airways has been fined £20 million for “unacceptable” failures that led to personal details of hundreds of thousands of customers’ data being being stolen by hackers in 2018. The fine represents the largest financial penalty issued by the UK’s Information Commissioner’s Office (ICO) to date and is based on GDPR data protection regulation. The incident started ...
- Card details for 3 million Dickey’s customers posted on carding forum
October 15, 2020
The card details of more than three million customers of Dickey’s Barbecue Pit, the largest barbecue restaurant chain in the US, have been posted this week on a carding and fraud marketplace known as Joker’s Stash. The discovery was made by Gemini Advisory, a cyber-security firm that tracks financial fraud. “We worked with several partner financial institutions ...
- Fitbit Spyware Steals Personal Data via Watch Face
October 9, 2020
A wide-open app-building API would allow an attacker to build a malicious application that could access Fitbit user data, and send it to any server. Kev Breen, director of cyber threat research for Immersive Labs, created a proof-of-concept for just that scenario, after realizing that Fitbit devices are loaded with sensitive personal data. “Essentially, ...