“ ORGANISATIONS NEED INDIVIDUALLY TAILORED SECURITY POLICIES IN PLACE WHICH PROVIDE CONTEXT AROUND WHICH THREAT ACTORS ARE TARGETING THEM ”
The report also highlighted that the threat of data disclosure has now become a standard component of ransomware attacks and an additional layer of extortion , beyond the traditional focus on merely encrypting files and holding them for ransom . Threatening to dump compromised files on the dark web for further misuse by other criminals aims to put more pressure on victims to pay ransoms , given the potential for the loss of customer confidence and the potential legal or regulatory implications of exposing customer or employee data .
Sale and compromise
2 of B2C policyholder data Aside from enterprise customers , insurance companies also possess a great deal of sensitive information on their individual retail customers that criminals can use for fraud and other malicious purposes . The most important PII data points are dates of birth
“ ORGANISATIONS NEED INDIVIDUALLY TAILORED SECURITY POLICIES IN PLACE WHICH PROVIDE CONTEXT AROUND WHICH THREAT ACTORS ARE TARGETING THEM ”
PAUL PRUDHOMME HEAD OF THREAT INTELLIGENCE ADVISORY AT INTSIGHTS , A RAPID7 COMPANY
and Social Security numbers , or the non- U . S . counterparts thereof ( such as taxpayer identification numbers ). These serve as key ingredients in identity theft operations , such as fraudulent credit applications .
In the context of insurance policyholder data in particular , the most valuable data points , aside from the actual policy details
88 March 2022