Eight car insurance companies in New York have been fined a total of $14.2 million for poor cybersecurity practices that led to data breaches affecting over 825,000 residents. These breaches involved exposure of sensitive personal data used for fraudulent activities like unemployment claims, prompting regulatory action and mandated cybersecurity improvements. #NYInsuranceBreach #CyberFraud #DataSecurity
Keypoints
- Eight insurance companies were fined $14.2 million due to data breaches exposing personal information of over 825,000 people.
- The breaches involved auto-populated data used by hackers to commit insurance fraud and file fraudulent unemployment claims.
- Investigators found these companies lacked adequate cybersecurity controls, including multi-factor authentication and monitoring systems.
- Several companies had multiple security incidents involving their quoting tools, with some data sold by brokers.
- Regulators required these companies to strengthen their cybersecurity programs, including data inventories and authentication procedures.
Read More: https://therecord.media/auto-insurance-companies-fined-ny-state-pre-fill-data-breaches