ICO Fines Cabinet Office for data security breach

The UK Information Commissioner’s Office (ICO) has issued the Cabinet Office with a £500,000 fine over a data breach that disclosed the personal details of more than 1,000 people listed for 2020’s New Year Honours. The ICO said its investigation into the breach revealed that the Cabinet Office had failed to put proper technical and organisational measures in place to prevent disclosure of personal information in breach of UK’s data protection law.

Insurers cut cover amid growth of Ransomware incidents

Computing reports Insurance firms are worried about profits as ransomware gangs become more sophisticated.

Whilst previousy insurance companies  typically cooperated with  customers (and with Cybercriminls) to cover losses, cyber attacks have risen in number and sophistication which is forcing insurance companies to cut the amount of cover they provide to customers. Insurers have increased premiums, cut policy coverage and may even adopt an adversarial vs a co-operative response to ransomware claims.

“Insurers are changing their appetites, limits, coverage and pricing,” Caspar Stops, head of cyber at insurance firm Optio, told Reuters … Limits [the upper amount paid in a claim] have halved – where people were offering £10 million ($13.5 million), nearly everyone has reduced to five.”

American cyber insurance firm CNA Financial allegedly paid hackers $40 million (£30 million) to decrypt its data and restore systems, following a ransomware attack in March.
In June, meat processing giant JBS confirmed it paid $11 million (£8.2 million) to the REvil ransomware gang, which locked its systems at the end of May.
Insurers say some attackers may specifically check whether potential victims have policies that would make them more likely to pay a ransom.

One industry insider said a tech firm that previously paid £250,000 for £130 million of professional indemnity and cyber cover  is now paying £500,000 for a cover of £55 million.

The main advice from the FBI in the US is not to pay, and instead report the incident as early as possible. The agency also warned that paying ransoms only funds criminals’ efforts.

 

The post Insurers cut cover amid growth of Ransomware incidents appeared first on Web Science Trust.