CalPERS, CalSTRS, Genworth Among Those Affected by Moveit Data Breach

Link: https://www.ai-cio.com/news/calpers-calstrs-genworth-among-those-affected-by-moveit-data-breach/

Excerpt:

The California Public Employees’ Retirement System, the California State Teachers Retirement System and Genworth Financial Inc. revealed that some of their clients’ personal information was involved in a data breach that hit third-party vendor PBI Research Services’ Moveit Transfer Application, used by thousands of organizations. 

PBI provides services to pension funds to identify member deaths so that proper payments are made to retirees and beneficiaries and to prevent overpayments or other errors. For life insurance firms like Genworth, the company helps identify the possible eligibility of beneficiaries for death benefits or for policies beneficiaries may not know exist.

According to CalPERS, while the data breach did not impact its information systems, it did impact the personal information of approximately 769,000 members, including retired members, some of whom are inactive members and may soon be eligible for benefits. The pension fund is offering free credit monitoring to retirees and beneficiaries with impacted personal information and is also mailing tips on how to protect their information. CalPERS is also providing information on its website and through its customer contact center.

….

Genworth declined to elaborate on its June 22 SEC filing, in which it said it was notified by PBI of the breach and that it “believes that the personal information of a significant number of insurance policyholders or other customers of its life insurance businesses was unlawfully accessed.” Genworth stated it is “working to ensure that protection services are provided to those impacted individuals” and that it believes the breach did not impact any of its information systems, including its financial systems, and that there has not been any material interruption of its business operations.

Author(s): Michael Katz

Publication Date: 26 Jun 2023

Publication Site: ai-CIO

A Risk Classification Framework for Decentralized Finance Protocols

Link: https://www.soa.org/resources/research-reports/2022/decentralized-finance-protocols/

Report: https://www.soa.org/4a61da/globalassets/assets/files/resources/research-report/2022/decentralized-finance-protocols.pdf

Graphic:

Excerpt:

Decentralized finance (DeFi) is an emerging and rapidly growing financial ecosystem with the defining feature that it is powered by blockchain technology. The focus of this paper is on risks for DeFi protocols that could lead to economic losses that could be insurable. This framework was designed around the risks associated with the existing and emerging DeFi protocols.

Author(s):

Tara Chang
OneDegree

Joe Ho
Hailstone Labs

Zachary Tirrell, FSA, FIAA

Gwen Weng, FSA, CERA, FCIA
Hailstone Labs

Jo You
OneDegree

Publication Date: October 2022

Publication Site: Society of Actuaries

2021 Academy Legislative/Regulatory Review

Link: https://www.actuary.org/sites/default/files/members/alerts/pdf/2022/2022-CP-1.pdf

Excerpt:

The American Academy of Actuaries presents this summary of select significant regulatory and
legislative developments in 2021 at the state, federal, and international levels of interest to the U.S.
actuarial profession as a service to its members.

Introduction

The Academy focused on key policy debates in 2021 regarding pensions and retirement, health, life,
and property and casualty insurance, and risk management and financial reporting.


Responding to the COVID-19 pandemic, addressing ever-changing cyber risk concerns, and analyzing
the implications and actuarial impacts of data science modeling continued to be a focus in 2021.


Practice councils monitored and responded to numerous legislative developments at the state, federal,
and international level. The Academy also increased its focus on the varied impacts of climate risk and
public policy initiatives related to racial equity and unfair discrimination in 2021.


The Academy continues to track the progress of legislative and regulatory developments on actuarially
relevant issues that have carried over into the 2022 calendar year.

Publication Date: 15 Feb 2022

Publication Site: American Academy of Actuaries

Police lose hacked therapy center criminal reports after spreadsheet error

Link:https://www.thebharatexpressnews.com/police-lose-hacked-therapy-center-criminal-reports-after-spreadsheet-error/

Excerpt:

The hack into the client database of the private Vastamo psychotherapy center was first exposed on October 21, 2020, when the patient data of tens of thousands of people was stolen and used to blackmail both l company and patients.

Investigators asked each victim to file a criminal complaint, and as of February 2021, more than 25,000 such reports had been submitted. The majority of complaints were lodged at the Pasila police station in Helsinki, but others were lodged elsewhere in the country.

….

Instead of a database, criminal reports were saved via Microsoft Excel files. Some of the files turned out to be unreadable when the police attempted to transfer them into the official system. The cause of the problem is unknown.

Detective Inspector Jari Illukka from the Helsinki Police Department told Svenska Yle that a dozen crime reports had disappeared from Excel, but the exact number is not known.

….

Police estimate that the records of more than 30,000 people were stolen during the Vastaamo data breach, and more than 22,000 of those victims have since reported the crime.

However, a little more than three thousand declaration forms had been given to the police at the end of January, that is to say one victim in ten.

Publication Date: 7 Feb 2022

Publication Site: Bharat Express News

Missouri Professor Wants Gov. Parson to Apologize

Link:https://www.governing.com/now/missouri-professor-wants-gov-parson-to-apologize

Graphic:

Excerpt:

A cybersecurity professor who verified the vulnerability that left the Social Security numbers of upwards of 100,000 teachers accessible on a Missouri website is demanding Gov. Mike Parson apologize after he threatened those who exposed the weakness with prosecution.

An attorney for University of Missouri-St. Louis Professor Shaji Khan sent a letter Thursday to Parson, the Missouri Department of Elementary and Secondary Education (DESE) and other agencies telling them to preserve records related to the episode — often a first step before a lawsuit.

The letter is the first indication that Parson may face a legal challenge over his response to a St. Louis Post-Dispatch story last week detailing how Social Security numbers had been left exposed on a DESE website. The day after publication, Parson called a news conference where he threatened the newspaper, its journalists and those who helped them with prosecution — and said law enforcement would investigate.

Author(s): Jonathan Shorman and Jeanne Kuang, The Kansas City Star

Publication Date: 22 Oct 2021

Publication Site: Governing

States Weigh Bans on Ransomware Payoffs

Link: https://www.governing.com/security/states-weigh-bans-on-ransomware-payoffs

Excerpt:

As ransomware attacks continue to wreak havoc on police departments, school districts and city and county governments, some state legislators say they’ve had enough.

At least three states—New York, North Carolina and Pennsylvania—are considering legislation that would ban state and local government agencies from paying ransom if they’re attacked by cybercriminals. A similar bill in Texas died in committee earlier this year.

Prohibiting ransom payments would help deter attacks because cybercriminals would know they couldn’t get paid and would have no financial incentive, the legislators say.

“If criminals know that Pennsylvania will not pay ransom, we are going to make ourselves a less likely target for these types of attacks,” said Republican state Sen. Kristin Phillips-Hill, who is sponsoring a no-ransom bill. “Our citizens’ personal information is on the line. We have to do everything we can to protect them.”

Author(s): Jenni Bergal, Stateline

Publication Date: 27 July 2021

Publication Site: Governing

A company you’ve probably never heard of caused half the internet to go dark

Link: https://www.vox.com/recode/2021/6/8/22524024/fastly-web-outage-news-websites?mc_cid=1581e9eab7&mc_eid=983bcf5922

Excerpt:

One of the reasons the Fastly outage seems so wide scale is that cloud computing service companies like Fastly are consolidating, leaving websites dependent on a shrinking number of providers. Even if there aren’t that many total outages, the fact that so many everyday sites rely on fewer cloud providers makes each individual outage feel pretty significant to an average internet user who just wanted to buy some stuff on Amazon and read the New York Times early Tuesday morning.

There are benefits to consolidation, explains Doug Madory, the head of internet analysis at the network monitoring company Kentik. For instance, a smaller number of cloud providers means it’s much easier to get those providers to deploy a particular security change. “The flip side is the liability [of] having a few megacompanies, whether they’re CDNs or other types of internet firms, responsible for a lot of our internet activities,” Madory told Recode.

In other words, when one of these megacompanies updates its systems and inadvertently causes an outage, the damage radius could be quite wide. This is what happened in 2011 when one of Amazon’s cloud computing systems, Elastic Block Store (EBS), crashed and brought Reddit, Quora, and Foursquare offline. After the incident, Amazon explained that engineers inadvertently caused technical problems that trickled down through its systems and caused the outage.

Author(s): Rebecca Heilweil

Publication Date: 8 June 2021

Publication Site: Vox recode

Summary of June 8 outage

Link: https://www.fastly.com/blog/summary-of-june-8-outage

Excerpt:

On May 12, we began a software deployment that introduced a bug that could be triggered by a specific customer configuration under specific circumstances.

Early June 8, a customer pushed a valid configuration change that included the specific circumstances that triggered the bug, which caused 85% of our network to return errors.

Author(s): Nick Rockwell

Publication Date: 8 June 2021

Publication Site: fastly

U.S. Seizes Share of Ransom From Hackers in Colonial Pipeline Attack

Link: https://www.nytimes.com/2021/06/07/us/politics/pipeline-attack.html

Excerpt:

The Justice Department said on Monday that it had seized much of the ransom that a major U.S. pipeline operator had paid last month to a Russian hacking collective, turning the tables on the hackers by reaching into a digital wallet to snatch back millions of dollars in cryptocurrency.

Investigators in recent weeks traced 75 Bitcoins worth more than $4 million that Colonial Pipeline had paid to the hackers as the attack shut down its computer systems, prompting fuel shortages, a spike in gasoline prices and chaos at airlines.

Federal investigators tracked the ransom as it moved through a maze of at least 23 different electronic accounts belonging to DarkSide, the hacking group, before landing in one that a federal judge allowed them to break into, according to law enforcement officials and court documents.

The Justice Department said it seized 63.7 Bitcoins, valued at about $2.3 million. (The value of a Bitcoin has dropped over the past month.)

Author(s): Katie Benner, Nicole Perlroth

Publication Date: 7 June 2021

Publication Site: New York Times

MTA scare highlights public finance cyber woes

Link: https://fixedincome.fidelity.com/ftgw/fi/FINewsArticle?id=202106070952SM______BNDBUYER_00000179-d86e-df56-a3fd-f8fe8d120001_110.1

Excerpt:

Subway safety in New York took on a new meaning when the Metropolitan Transportation Authority acknowleged a cyber intrusion, which set off loud alarm bells about the rising threat of system hacks.

The MTA is one of the largest municipal issuers and reports linked China’s government to the episode.

Despite MTA officials? assurances of quick troubleshooting and no evidence of compromise to its operational systems, employee or customer information, this marked the latest chilling cybersecurity event for public finance.

Author(s): Paul Burton

Publication Date: 7 June 2021

Publication Site: Fidelity Fixed Income

Meat Supplies Tighten as Cyberattack on JBS Snarls Food Chain

Link: https://www.wsj.com/articles/jbs-meat-plants-face-slow-restart-after-cyberattack-11622633982

Graphic:

Excerpt:

A ransomware attack against JBS SA sent shock waves throughout the U.S. food industry and exacerbated tension between Washington and Moscow, even as the meatpacker restarted plant operations.

JBS said most of its plants resumed operations Wednesday, though some shifts and processing operations remained suspended, according to individual plants’ social-media posts.

….

Meat supplies were already tight before the cyberattack. Surging demand from reopening restaurants, along with production problems at meat plants, are driving up costs of bacon, chicken wings and other products as people continue to make big grocery purchases. Some restaurants and supermarkets have raised prices for consumers as a result.

Distributor Gordon Food Service Inc. bought meat from other suppliers Tuesday while JBS plants were offline, said Jagtar Nijjar, Gordon’s director of imports and commodities. Mr. Nijjar said he expected it to take four business days for its normal order flow from JBS to resume. Normally, he said, Gordon gets more than half of its pork from JBS, at least half a million pounds every week.

U.S. cattle producers, meanwhile, said they were waiting to learn whether they would be able to deliver animals to JBS plants on schedule this week. U.S. meat companies slaughtered 105,000 cattle and 439,000 hogs on Wednesday, down 13% and 9%, respectively, from a week prior, according to USDA data.

Author(s): Jesse Newman, Jacob Bunge

Publication Date: 2 June 2021

Publication Site: WSJ

Colonial Pipeline Hack Reveals America’s Vulnerabilities

Link: https://www.governing.com/security/colonial-pipeline-hack-reveals-americas-vulnerabilities

Excerpt:

If you want to get Americans’ attention, hit their ability to drive. Panic buying and gas lines were quickly seen in the Southeast. Midweek, 71 percent of the gas stations in car-burdened Charlotte, North Carolina, were dry.

Ransomware takes control of a company’s or organization’s software or data until the owners make a payment. Even paying a ransom doesn’t guarantee the owners will get control again.

Initial reports said Colonial refused to pay ransom. But Colonial handed over nearly $5 million to the hackers. Bloomberg reports that the payment was in difficult-to-trace cryptocurrency. In exchange, Colonial received a decrypting tool to help restore its disabled network.

DarkSide, believed to be based in Eastern Europe, released a statement saying, “We are apolitical, we do not participate in geopolitics … Our goal is to make money, and not creating problems for society.”

But no one is safe from cybercrime, whether the attacker is a shadowy group or tied to a nation-state, whether they want money or data or to paralyze infrastructure. Whether the victim is an individual who opened an email containing malware or a leading technology company.

Author(s): Jon Talton, The Seattle Times

Publication Date: 14 May 2021

Publication Site: Governing