Restaurant chain Chili's is the latest retailer to report a data breach involving point of sale (PoS) security.

Brinker International, which operates over 1,600 Chili's restaurants globally, announced the data breach on May 12, after becoming aware of the security incident the day before. The company did not reveal how many customers have been impacted by the breach, though it did state that payment card information was stolen over a two-month period.


A data breach at a customer services provider with a name that looks like a misprint, [24], may have exposed the data of thousands of Sears department store and Delta Air Lines customers last fall, the companies disclosed this week.


High-end retailers Saks Fifth Avenue and Lord & Taylor suffered a cyber breach that could put the financial information of millions of customers in jeopardy.

Five million credit card and debit card numbers from the department stores have been put up for sale on dark web forums, according to a note published Sunday by New York-based cybersecurity firm Gemini Advisory.


In today’s market, no growing business can isolate itself from online communications and commerce. Yet avoiding the internet entirely is the only way to guarantee your company will not be exposed to cyber threats. Once a business is online it will always be exposed to some residual risk it cannot feasibly address in a disaster recovery plan, business continuity plan, or through an information security technology solution.


A spokesman says Atlanta's airport has taken down its Wi-Fi network and disabled parts of its website "out of an abundance of caution" following a ransomware cyberattack on the city's computer network.

Business interruption (BI) and cyber incidents interlink as the major threat for companies globally in 2018, according to the insight of 1,911 risk experts from 80 countries in the Allianz Risk Barometer 2018. However, for marine and shipping companies, natural catastrophes (34 percent), including storm, floods and earthquakes, takes the top spot – up from number four in 2017. BI tied with cyber incidents (31 percent), for the second spot followed by theft/fraud/corruption (27 percent) and fire/explosion (25 percent) to round out the top five business risks in the maritime sector for 2018. These incidents illustrate the complex nature of insurance risks as most are closely intertwined in complex loss cases.

Financial institutions, government agencies and key industrial sectors of the economy in the country should prepare for a massive exploration of Cyber crimes as 2018 unfolds.

According to the director of Cloud strategy at giant technology firm Microsoft Rudiger Dorn, the year is likely to see an increase in phishing- where hackers obtain account details of employees or individuals through credit cards and banking details to commit a Cyber crime.

The recently released Allianz Risk Barometer ranked the top business risks for 2018, based on the views of more than 1,900 risk management experts globally. Here, we look at the top three identified business risk for Australia and discuss how they can be effectively managed.

Many businesses today have an online presence, involving assets such as company websites, blogs and social media accounts. However, these companies are also vulnerable to hackers looking to find valuable data, such as Social Security numbers and customer names, addresses and phone numbers.

Three-quarters of senior level treasury and finance executives say cyber security risks have surfaced at their companies because of the increased use of new technologies, according to a survey issued Wednesday.

Reuters) — Security researchers on Wednesday disclosed a set of security flaws that they said could let hackers steal sensitive information from nearly every modern computing device containing chips from Intel Corp., Advanced Micro Devices Inc. and ARM Holdings.



While major breaches where millions of records are compromised tend to dominate the news, a much more dangerous and insidious threat goes largely unnoticed — that of the insider.



(Reuters) — SWIFT, the global messaging system used to move trillions of dollars each day, warned banks on Wednesday that the threat of digital heists is on the rise as hackers use increasingly sophisticated tools and techniques to launch new attacks.



(Reuters) — Struggling ride-hailing firm Uber Technologies Inc. faces a fresh regulatory crackdown after disclosing it paid hackers $100,000 to keep secret a massive breach last year that exposed personal data from around 57 million accounts.


Do you think your small business is at risk of being hacked? An overwhelming 87% of small business owners don’t think so. But, your business might be at risk more than you realize. About half of small businesses experience a cyber attack.

(Reuters) — The Trump administration on Wednesday publicly released its rules for deciding whether to disclose cyber security flaws or keep them secret in an effort to bring more transparency to a process that has long been cloaked in mystery.

(Reuters) — Up to 180 million smartphone owners are at risk of having some of their text messages and calls intercepted by hackers because of a simple coding error in at least 685 mobile apps, cyber security firm Appthority Inc. warned Thursday.

ATLANTA — Cyber coverage continues to evolve as the focus on types of perils changes, according to a panel of insurance industry experts speaking Thursday morning at the 30th annual Professional Liability Underwriters Society Conference in Atlanta.



Unfortunately, small businesses are sorely mistaken about their attraction to cyber attackers. A recent study (Ponemon Institute 2016 State of SMB Cybersecurity) found that in the last 12 months, hackers have breached half of all small businesses in the U.S.


3D printing is on the verge of mainstream adoption, which will mean a fundamental shift in manufacturing. The driving force is not improvements to the technology, although those are also important, but rather a transformation in the industry’s business model.



(Reuters) — The U.S government issued a rare public warning that sophisticated hackers are targeting energy and industrial firms, the latest sign that cyber attacks present an increasing threat to the power industry and other public infrastructure.,-industrial-firms



Yahoo’s been through it. So has the Democratic National Committee. More recently, it was Equifax. But it’s not just large businesses and organizations that are targeted by hackers. In fact, 1 in 5 small businesses has been targeted by a cyberattack, according to a study published Thursday by the Better Business Bureau.



NEW YORK — The growing business role of the internet, the mounting exposures this brings and ways to manage and mitigate these new threats topped the agenda at a meeting of cyber experts which coincided with the start of National Cyber Security Awareness Month.


Today Yahoo sent out a notice disclosing that a further investigation of the  2013 breach has produced new evidence. The company now believes that all of its three billion accounts were impacted, not 1 billion as it previously thought.


(Reuters) — Property Claim Services (PCS), a Verisk Analytics company, estimated an insured loss of $125 million from a massive data breach disclosed last month by Equifax Inc., that has plunged the credit-monitoring company into crisis.$125-million-Lloyds-Beazley?utm_campaign=BI20171002BreakingNewsAlert&utm_medium=email&utm_source=ActiveCampaign



More than half of U.S. businesses have experienced a cyber attack in the past year, according to a survey of executives released by Hartford Steam Boiler Inspection & Insurance Co. on Thursday.


The Securities and Exchange Commission, the country’s top Wall Street regulator, announced Wednesday that hackers breached its system for storing documents filed by publicly traded companies last year, potentially accessing data that allowed the intruders to make an illegal profit.



Travelers who check into hotels may run into some uninvited guests in the form of hackers looking to steal their financial information, analysts warn.


We are happy to announce a new partnership with CyberScoutTM, a leading provider of identity and data breach defense services, for our Allied Reinsurance Company (ARC) program, which reduces the risks related to cyber crime for our clients. Captive carriers accounted for about half of the personal lines market in 2016 and according to a 2016 survey by the Captive Insurance Companies Association (CICA), cyber risk is the number one emerging risk cited by captive insurance company owners and the number one non-traditional risk.



A trailer is not a warehouse covered by an insurance policy, says a federal appeals court in upholding a ruling in favor of Starr Indemnity & Liability Co. in a coverage dispute with a computer wholesaler over a theft.,-says-court-on-Starr-policy?utm_campaign=BI20170905BreakingNewsAlert&utm_medium=email&utm_source=ActiveCampaign


(Reuters) - A U.S. judge said Yahoo must face nationwide litigation brought on behalf of well over 1 billion users who said their personal information was compromised in three massive data breaches.


Hiscox, the international specialist insurer, today released the 2017 Hiscox Embezzlement Study™, an examination of employee theft in the US. The findings reveal that US businesses impacted by employee theft lost an average of $1.13 million last year. Small and mid-sized companies (fewer than 500 employees) continue to be disproportionally victimized by employee theft, representing approximately 68 percent of cases.


In a case that is on remand from the U.S. Supreme Court, an appellate panel has ruled that a plaintiff in a Fair Credit Reporting Act case has alleged a concrete injury from an inaccurate consumer report and can proceed with his case.




The digital world is expanding at such a rapid pace that we are required to not only increase resources, but also become more agile in addressing potential dangers for our organizations – even those not in the financial industry.


Protecting trade secrets has become more challenging in the cyber age, analysts say, and the loss of trade secrets can cause serious — sometimes permanent — damage to a company.


A federal appeals court has reinstated a putative class action lawsuit filed by health insurer CareFirst Inc. customers in connection with a 2014 data breach, holding their potential risk of injury from the breach is “substantial.”


Law360, Los Angeles (August 2, 2017, 10:17 PM EDT) -- A Michigan federal judge ruled Tuesday that Travelers doesn't have to cover a tool manufacturer's losses from an email-based theft scheme, giving insurers more ammunition to argue that computer fraud insurance doesn't apply to multistep scams and deepening a divide among the nation's courts on the scope of such policies.


In the neonatal intensive care unit of Cook Children's Hospital in Fort Worth, Texas, a father is rocking a baby attached to a heart monitor.

In the neonatal intensive care unit of Cook Children's Hospital in Fort Worth, Texas, a father is rocking a baby attached to a heart monitor.

The WannaCry worm is still alive. Honda said this week that it was forced to halt production for one day at its Sayama plant near Tokyo after finding the WannaCry ransomware in its computer network.

The recent “WannaCry” cyberattack affected hundreds of thousands of computers around the world. The attack targeted organizations of every type, including hospitals, government agencies, and corporations, freezing computers and locking out users until they paid a “ransom” to release their data.

South Bend-based Beacon Health System is notifying about 1,200 patients that a former employee accessed patient records without proper authorization. The health system says it is unaware of any "actual or attempted misuse of patient information," which included Social Security numbers and possibly financial and health insurance information.

After completing a probe with cybersecurity firms and law enforcement, Chipotle  (CMG) now believes that customers at stores across 48 states could have been affected by a hack on the company's payment systems between March 24 and April 19. In some cases, the stolen data contained the customer's name in addition to their card number, expiration date and verification number.

Ransomware is a growth industry – and it's growing because it works. Attacks by hackers that lock up data unless a ransom is paid shot up an unbelievable 6000% worldwide in 2016 over the previous year. According to the FBI, hackers “earned” over a billion dollars in ransomware attacks in 2016, some five times over the amount they netted in 2015.

A medical device firm has agreed to pay a $2.5 million settlement in connection with a laptop stolen in 2012, said the U.S. Department of Health and Human Services’ Office for Civil Rights.

Cybercriminals had a very good year in 2016 — and we all paid the price.

These digital bandits became more ambitious and more creative and that resulted in a year marked by "extraordinary attacks," according to the 2017 Internet Security Threat Report from Symantec. "Cyber crime hit the big time in 2016, with higher-profile victims and bigger-than-ever financial rewards," the report concluded.

As we move beyond the widespread acceptance and use of online banking and trading platforms and push further into an increasingly digital financial marketplace, consumers face new forms of risk—namely, cyber risk—that would have been unfathomable previously. When confronted with risks that could be financially devastating, consumers are driven to mitigate and insure against such perils. Has the time come to purchase insurance for financial cyber risks?

Instances in which Iowans’ identity was stolen jumped a whopping 30 percent, from a rate of 56 people for every 100,000 Iowans in 2014 to 73 just a year later, in 2015.

Most of the thefts happened via the internet. The growth in Iowa mirrors what is happening nationwide. Thefts via the digital world are on the rise as the crime evolves with technology. Yet, many people making legitimate purchases online still have a false sense of security about their private financial information.

Hackers are demanding increasingly hefty ransoms to free computers paralyzed with viruses, as cyber criminals seek to maximize profits from large numbers of victims willing to pay up, according to cyber security firm Symantec Corp.

Ransomware, identified by the U.S. Department of Justice as the “biggest cyberthreat” of 2017, isn’t just a problem for big businesses like hospitals or banks. Cyberthieves are increasingly targeting the malicious software, which locks all files on a targeted computer or network until the owner pays up, at smaller and arguably more vulnerable organizations.

Why ransomware increasingly targets the little guys


Almost 40% of computers in industrial applications were subjected to cyber-attacks in the second half of 2016, according to new research from Kaspersky Lab ICS Cert. It also reveals that the percentage of industrial computers (IPCs) under attack rose from more than 17% in July 2016 to more than 24% by December 2016. The top three sources of infection were the Internet, removable storage devices, and malicious e-mail attachments and scripts embedded in the body of e-mails.

You might think your smartphone or laptop is relatively safe from cyber attacks thanks to anti-virus and encryption software. But your devices are increasingly at risk from “side-channel” attacks, where an intruder can bypass traditional network entry points and use another way to compromise the device.

Data breaches have resulted in hundreds of millions of data records being illegally accessed. Home Depot, Target, Michael’s, TJ Maxx, Snapchat, Facebook, Twitter, Sony, Kmart, Apple’s iCloud, First Commonwealth Bank, and P.F. Chang’s are just a few of the companies that have reported a major data breach. The Russian hacking of the Democratic National Committee during the 2016 Presidential campaign may have impacted the election. Similarly, DDos (Denial of Service) attacks have targeted banks and other financial service providers.

 Security experts say how individual companies choose to save their data in anticipation of an outage depends on how long they can survive before the “lights” are turned back on. What level of availability does your company need? Is the face of your company an ecommerce site where even a few minutes offline can cost an astronomical sum? Will the cost of an active-active system outweigh the potential loss of business from an outage?

It is interesting to note the portions of the WikiLeaks Vault 7 dump that have elicited the most visceral response. Many pundits and analysts have divided their rage between targets like Julian Assange (the traitor), the leaking NSA/CIA employee (deep drip), and the NSA itself (Big Bro) for spying on U.S. citizens. But nowhere have I heard a word in the mainstream media about mis-attribution or Russian hacks.

On Friday, a blog at Check Point Software Technologies’ website said that its engineers had found severe infections on 36 Android devices belonging to two unnamed telecommunication and multinational companies. The post pointed out that this is not unusual, but that the striking element is that the infections came preinstalled on the devices.

Data breaches have been occurring more frequently, and it is not just happening at large big-box retailers. In fact, most cybersecurity attacks target businesses with less than 250 employees because their security may be more vulnerable. So no matter the size of your business, it is important to manage the risks related to a data breach and reduce the significant costs that can result from one. Now might be the time to explore how cyber security insurance may protect your business.

Today, we are just beginning to understand the seriousness of an emerging threat to the grid's cybersecurity. As the grid has become more dependent on computers and data-sharing, it has become more responsive to changes in power demand and better at integrating new sources of energy.

Some cyberattacks make it to the front pages of mainstream publications. We’ve read about the breach at Target of 40 million payment cards, and the cyberattack on Yahoo that compromised data from more than 1 billion user accounts. All these highly publicized cyberattacks have one thing in common: they involve customer data.

Researchers have issued a warning that hackers are resorting to the use of file-less malware programs to gain stealth access to the systems of organizations. This new form of attack is not only severe regarding its consequences but also represents a new threat, given its growing level of popularity. Here are details about this new form of stealth malware that you need to know.

Malicious viruses, like Stuxnet, explicitly target critical systems that control pumps, motors, valves and programmable logic controllers,” Deloitte warned in its ninth annual mining report.

November was another bumper month for big cyber attacks. There was something for everyone, with new mobile malware in the form of the Gooligan campaign, new distributed denial of service (DDoS) attacks through the Mirai malware and standard data breaches in the cases of Three and the National Lottery.

AS HACKERS wreak havoc with depressing regularity, the insurance industry finds itself forced to contemplate a whole new set of risks. They range from the theft of millions of credit-card numbers from American retailers to the disabling of the power grid, as happened in Ukraine last December.

When healthcare executives think of economics, their first thought no doubt is of money. But that’s not necessarily the right thought when it comes to the economics of cybersecurity, said Scott Borg, chief economist at the U.S. Cyber Consequences Unit.

A recent study performed by IBM's Resilient and the Ponemon Institute found that 66% of organizations would be unable to recover from a cyberattack. The results of the 2016 Cyber Resilient Organization study were released Wednesday, and show a decline in organizational resilience against cyberattacks.

Recently a software company in Florida was hacked. The company, which brings in about $25 million in annual revenue, serves clients such as Wal-mart and Big Lots. The hackers, based in Germany, got into the company's database, stealing all of its customer information. Hiring a data-recovery firm to undo the damage cost $5 million.

Whenever you read the words, ‘Google’, ‘China’ and ‘Hackers’ in the same sentence, it generally cannot be good news. A team of white hat hackers from China managed to hack Google’s flagship smartphone Pixel within 60 seconds.

An "apology" from developer Hello Games over controversial space sim No Man's Sky this weekend has been blamed on a hack by a disgruntled employee. The incident began on the weekend when Hello Games' Twitter account posted a tweet simply stating that "No Man's Sky was a mistake." An email was also sent from the account of studio founder Sean Murray to a number of games journalists.

The U.S. National Highway Traffic Safety issued recommendations to automakers on Monday on how to protect connected and automated vehicles from cyber attacks. The agency’s guidelines are suggestions, but cannot be enforced.

Three-hospital Care New England Health System (CNE) agreed to pay a $400,000 fine and complete an OCR-prescribed corrective action plan that will last for six years. As in recent OCR penalties, the chain was sanctioned because of the business associate provisions of HIPAA.

Last October, Ford dealer O.C. Welch and his service manager noticed that gross profits weren't as high as they should have been based on the number of repair orders. They scrutinized the books at O.C. Welch Ford-Lincoln in Hardeeville, S.C., and found payments to nonexistent vendors. The trail led to Assistant Comptroller DeAnne Ogden.$2-million-embezzled

(Tampa Bay, FL) September 19, 2016 – A new report reveals that nearly half of U.S. consumers have experienced card fraud,(1) while another survey found that 56% of fraud victims changed their card use or shopping behavior after a fraudulent charge.(2) eConsumerServices (, a dispute mediation firm, maintains that card issuers and merchants must be proactive to avoid losing business in cases of credit card fraud; so CEO Gary Cardone counsels banks and retailers on steps they can take to retain consumers’ trust.

The city contends the water department worker was disgruntled after being passed over for a promotion and decided to retaliate—by deleting the evidence the city uses to defend itself in TORT claims- those are grievances claiming negligence when city property damages private property.

Hackers are increasingly targeting healthcare institutions with malware because of their poor cyber-security posture, reliance on legacy IT systems, third-party services and the need to access information as soon as possible in order to deliver great patient care.  These are the conclusions released in a new report entitled McAfee Labs Threats Report: September 2016.

The Southwest Utah Public Health Department has agreed to repay some $73,000 in Medicaid allocations after investigators found one of its employees had been providing patient services through a separate private company.

Credit Suisse Group AG is accusing a group of five investment bankers who left for Jefferies Group LLC in May of stealing confidential information and trying to coax former colleagues to join them.

America is under cyberattack; this is the harsh reality. Over the past few years, we’ve seen numerous high-profile hacks on government systems that have directly impacted government organizations, citizens, and in some cases even the presidential candidates themselves.

A former administrative worker at a Florida-based pediatric practice has been indicted in federal court along with two others for alleged identity theft and fraud crimes involving stolen patient information. But no HIPAA-related criminal charges were filed in the case.


    Fill out this form and let us know.


  • Tel: 208-424-2249

    9AM - 5PM Monday-Friday

    1112 W. Main St. Ste. 105
    Boise, ID 83702

  • © 2017 STRATEGIC RISK ALTERNATIVES | financial security + risk management + middle market companies | site design by V-Squared Creative