Tag Archive for: Client

Ransomware Gang Has 6M Life and Annuity Client Records

/in


What You Need to Know

  • Federal investigators say the MOVEit attack organizer is great at what it does.
  • The biggest victim may be the U.S. Department of Health and Human Services.
  • A flood of stolen data has cut the price of a Social Security number on the dark web to $1.

Companies that write and reinsure your clients’ life insurance policies and annuity contracts say the Clop Ransomware Gang has stolen personal records for at least 6 million people, and that many of the stolen records include Social Security numbers.

The life and annuity issuers are caught up in a massive cyberattack that has affected hundreds of companies and government agencies throughout the world since late May. Affected life insurers and reinsurers use a file transfer system called MOVEit to exchange data with PBI Research Services. Since January, the Clop gang has been using a vulnerability in the file transfer system to install ransomware software on organizations’ computers.

Clop announced on June 7 in a blog post that it would begin publishing stolen client information if affected companies did not make ransom payments by June 14. The organization appears to be continuing to negotiate with some victims, but it has started posting some of the affected records on a site on the “dark web,” according to press reports.

The total number of affected life and annuity customers may be much smaller than the number of records affected. Some people may have had two or more life or annuity products included in the hacked data. A life insurer and a reinsurer also may have had separate affected records related to the same underlying product.

What It Means

Thieves, blackmailers and other foes who want to see your clients’ personal information and get into their retirement accounts, annuity accounts, life insurance accounts and other accounts may now find it cheaper and easier to accomplish those tasks.

Known Life, Health & Annuity Clop Victims

Here’s a look at some of the companies affected by the Clop attack and the number of policyholders and other customers who might have been involved, based on SEC filings and reports to the Maine attorney general’s office, which has an especially…

Source…

Infinite Group aims to fight ‘cyber warfare’ with Nodeware product as client incidents increase

/in


() () recently rebranded as IGI Cybersecurity, President and COO Andrew Hoyen tells Proactive the Pittsford, New York-based group is working to help its clients fight ‘cyber warfare.’

Hoyen says the group has seen incident response increase amongst its clients.

It leverages its product Nodeware to identify gaps in environments to identify vulnerabilities to be better prepared if something does happen.

Add related topics to MyProactive

Create your account: sign up and get ahead on news and events

NO INVESTMENT ADVICE

The Company is a publisher. You understand and agree that no content published on the Site constitutes a recommendation that any particular security, portfolio of securities, transaction, or investment strategy is…

In exchange for publishing services rendered by the Company on behalf of named herein, including the promotion by the Company of in any Content on the Site, the Company receives from said issuer annual cash…

FOR OUR FULL DISCLAIMER CLICK HERE

Source…

Ransomware Attack Threatens Closings, Sensitive Client Data

/in


A ransomware attack on Cloudstar, which provides cloud hosting for title insurance applications, is threatening to derail mortgage closings and put sensitive client information at risk.

A ransomware attack on a company that provides cloud hosting for title insurance applications is threatening to derail closings and put sensitive client information at risk.

Cloudstar, which claims to operate the nation’s largest privately held settlement services cloud, first reported a “possible service interruption” affecting a “portion of our customers” on Friday, July 16.

Two days later, Cloudstar revealed that the company had in fact discovered on Friday that it “was the victim of a highly sophisticated ransomware attack.” In a Sunday, July 18, notice, Cloudstar said it had hired a third-party forensics expert, Tetra Defense, “to assist us in our recovery efforts and also informed law enforcement. Negotiations with the threat actor are ongoing.”

In another update Monday, the company said its Office 365 mail services, email encryption, and technical support services were “still fully operational and secure.”

On its website, Cloudstar says it operates six U.S. data centers, providing virtual desktop hosting and other services to more than 42,000 users.

Cloudstar says it offers cloud hosting for clients who use title insurance applications including SoftPro, RamQuest, ResWare, TitleExpress, Impact, RBJ Edge, Streamline, TitleScan, HalFile, LanTec, Double Time, Closer’s Choice and GreenFolders.

Cloudstars clients are title agents and other end users, not the software providers themselves, many of whom were quick to reassure clients.

SoftPro, for example, posted a notice on the company’s website Tuesday reassuring customers that the ransomware attack “has in no way impacted the functionality of SoftPro products or services. SoftPro was not breached or impacted in any way by this incident. Additionally, we have received no reports of impact from our integrated partners.”

Similarly, RamQuest said it had “not not been impacted by this ransomware attack as Cloudstar does NOT…

Source…