.jpg?width=200&height=78&name=CH%20Diligence%20(thicker%20line).jpg "CH Diligence (thicker line)")
Reuters: Canadian lender Desjardins Group said on Monday it spent C$70 million ($53 million) in the second quarter related to a data privacy breach earlier this year that exposed personal information of 2.9 million members.
The company offered the affected accounts a credit monitoring plan and identity theft insurance for five years, without any additional costs to those customers, Desjardins said.
Computing: The report, entitled "The Dark Side of Russia: How New Internet Laws & Nationalism Fuel Russian Cybercrime", claims that Russia's new internet laws, which will come into effect on 1st November, will make it difficult for companies operating in Russia to protect both their communications and the privacy of their customers.
Forbes: Apple has massively increased the amount it’s offering hackers for finding vulnerabilities in iPhones and Macs, up to $1 million. It’s by far the highest bug bounty on offer from any major tech company.
That’s up from $200,000, and in the fall the program will be open to all researchers. Previously only those on the company’s invite-only bug bounty program were eligible to receive rewards.
The target: Capital One Bank
The take: Highly sensitive information of 106 million customers including: 140,000 Social Security numbers, 1 million Social Insurance Numbers for Canadian credit card customers, bank account numbers, credit card application data including scores, balances, limits and payment history, and some of transaction data.
The attack vector: A misconfigured firewall in Capital One’s AWS infrastructure allowed the attacker to clone data housed in cloud storage instances. The attacker employed VPN and anonymized browsing to execute the attack surreptitiously – but was ultimately found out when they bragged about the heist in public Slack channels. Capital One was notified of the breach via an e-mail tip with directions to a public Github repository where the attacker had archived some of the exfiltrated data.
The Wall Street Journal: BlackRock Inc. is no longer in talks with Pamplona Capital Management to take over the private-equity firm’s stake in cybersecurity company Cofense Inc.
The New York Times: A single weak spot is all savvy hackers need. And they often find them. Already this year, there have been 3,494 successful cyberattacks against financial institutions, according to reports filed with the Treasury Department’s Financial Crimes Enforcement Network.
BTA: The owner of a cyber security company was arrested Tuesday morning for a recent personal data breach in the National Revenue Agency (NRA), sources of the prosecution office told BTA. He was remanded at Sofia Airport as he arrived from Istanbul.
BGR: Just as Equifax is settling an FTC case on the massive data breach from a couple of summers ago, Capital One had to come forward and admit that it suffered a massive breach of its own, affecting more than 100 million customers in America and Canada. The person responsible is already in custody, however, with the FBI saying she practically admitted everything online.
Reinsurance News: Corvus Insurance, an AI-driven insurtech MGA backed by ILS and reinsurance investment manager Hudson Structured Capital Management (HSCM), has expanded its product line with an offering that focuses on silent cyber risks posed by cargo insurance policies.
KnowBe4: Global losses to cybercrime total $1.5 trillion per year, which amounts to $2.9 million per minute, a new report by RiskIQ shows. Some of the largest companies are losing $25 each minute due to security breaches. Phishing campaigns accounts for losses of $17,700 per minute and ransomware attacks are expected to cost the world $22,184 per minute this year.
Cision: As criminal innovation outpaces defensive efforts, cyberattacks are becoming more ubiquitous and sophisticated, and businesses, governments, and individuals are more vulnerable than ever. In a perspective-shifting new article, "Casting the Dark Web in a New Light" (MIT Sloan Management Review), cybersecurity researchers and scientists Keman Huang, Michael Siegel, Keri Pearlson, and Stuart Madnick offer a new lens through which to consider cybercrime.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montréal
1080 Côte du Beaver Hall, Suite 904
Montréal, QC
Canada, H2Z 1S8
+1-450-465-8880
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy