Is it me or is it starting to feel like the Wild West around here? The news of major losses from hack attacks, the modern day “bank robbery”, just keep coming. This time its Citibank. Earlier this month, the bank announced that hackers stole the credit card details of more than 360,000 U.S. customers. Because these things have to play out, it’s only now that Citibank has been able to put a figure – $2.7 million – on their losses. Of the 360,000 credit card details stolen, about 3,400 were hit with fraud.
The $2.7m figure is for the fraud only, however. The greatest loss from these cases is the cost of notifying customers that their card may have been compromised, the cost of card and card number reissuance for all 360,000 customers and the man hours involved in doing both of these activities and more. So while $2.7m is a lot to swallow even when you’re a large global bank, losses for the breach overall could easily reach into the tens of millions.
What’s the moral of the story? Whether big company or small, make sure virus and hack attacks are covered in your insurance policy. While Citibank could swallow the costs, they probably don’t want to and many smaller firms could not.
See the full story on PCWorld.com
Insuring for hacking and viruses is important. That’s why we can include it in all of our policies. To learn more, click here.
Between April and May 2011, Sony may well have had more bad press than any company in such a short space of time. I’m sure everyone is aware by now that Sony have lost personally identifiable information (PII). But how much have they really lost and is it all doom and gloom?
Sony has had two major breaches and a number of more minor ones. The largest loss of data they have suffered is from the hacking of their PlayStation Network (PSN). This is the area on which gamers go to play against each other and this compromise has affected 77 million users. The other major security breach related to the Sony Online Entertainment (SOE) division, which is similar to PSN but for PC gamers. This compromise has affected 25 million users. Amongst the more “minor” breaches, they have suffered a breach on the Greek Sony Music Entertainment website, affecting 8,500 Greek users and the Indonesian and Thai versions of this website were also hacked, although there is nothing to indicate any information has been leaked from these.
Sony itself has said that the PSN breach could cost them $171 million. And while it may be easy to blame the company for not preventing this, the question really is whether it could have been prevented at all. Hackers look for and take advantage gaps in the system, no matter how secure. Having a robust security plan as well as broad insurance cover for hacking and PII loss in case that security plan doesn’t hold up is the only way to truly protect yourself. In the end, we’re all at risk and the Sony breach only proved that no one is immune.
See the full story on CFCUnderwriting.com
Hands up who likes pop-ups appearing on their screen when browsing the internet? Anyone? Well with the new EU cookie directive implemented on the 25th of May this year, this could be something we will all have to put up with.
So just what are cookies? They are much more than a tasty snack to eat between meals; in the virtual world they are very small pieces of software which are loaded onto a user’s computer (usually without that user’s knowledge) when visiting a website. This piece of software remembers various things about that user, such as log in details and other preferences, thus speeding up the process the next time that user logs onto the website.
It might seem simply helpful, but cookies also store information about people for targeted online marketing based on a user’s browsing history, often without that user’s knowledge. And this is what the EU has trouble with. That’s why they’ve recently brought in a directive which will require websites to get expressed consent for the collection of this information, not just assuming consent unless users state otherwise. Which means… drum roll please… the possibility of pop-up windows for existing users.
The EU’s good intentions for consumers might turn sour. It just depends on how the directive plays out and how creative websites will get whilst still remaining compliant. In the meantime, learn more about the directive and what it means for websites moving forward by going to full article on the CFC website.
Apple, Facebook, Google and a plethora of on-line games, are just some of those deriving tangible benefits from virtual currencies. However, what are virtual currencies, why are companies using them, what are the risks users and businesses face and how should they manage these?
Virtual currencies are used to purchase virtual goods or services in an on-line environment. Examples of this range from using pre-paid vouchers on iTunes for purchasing music through to players of Massively Multiplayer on-line games (MMOs) purchasing virtual real estate, costumes and other in-game paraphernalia.
As the industry grows, however, the waters are getting muddier. Online entities that operate in virtual currencies not only need to be payment card industry (PCI) compliant, but they also have to contend with illegal virtual currency trading, some gambling laws, information security and how to handle minors in the online gaming environment.
See the full story on CFCUnderwriting.com
Ever wish you could climb in your computer and retrieve a mistakenly sent email? Surrey Country Council probably has. The council has been fined £120k by the Information Commissioner’s Office for breaking the Data Protection Act. Information Commissioner Christopher Graham said the council had paid the price for failing to handle sensitive data appropriately or to have security measures in place after unencrypted, personal data was sent to random email addresses by mistake on three different occasions.
See the full story on The Register
Do you need security breach cover for your business? Browse our products or contact us to learn more.