So today IJ has this on seven cyber insurers bypassing ISO-Verisk and LexisNexus to form their own bureau.
https://www.insurancejournal.com/news/n ... 619446.htm
Also know that IJ had it's own data breach issue with not closing a security issue in Wordpress such that data that should have been behind a login was actually public. Once they did close it, they deleted the post and did not inform users. Oh OH! Isn't this not ethical IJ???
Cyber News and Insurance Journal Data Breach
Moderators: Josh, independent guy
-
OldIndyAgent
- Insurance Journal Addict
- Posts: 81
- Joined: Sat Mar 19, 2011 7:07 am
-
Josh
- Insurance Journal Addict
- Posts: 32
- Joined: Fri Jul 12, 2002 10:01 pm
- Location: San Diego, CA
- Contact:
Re: Cyber News and Insurance Journal Data Breach
There was no data breach.
Wordpress has a feature, REST API. There is nothing exposed that is not already public (ie. articles and author names and bios). We disabled because we want to minimize bots stealing our article content.
Wordpress docs say: "If you are not a developer, the most important thing to understand about the API is that it enables the block editor and modern plugin interfaces without compromising the security or privacy of your site."
https://developer.wordpress.org/rest-api/
Also we do not store secure info in wordpress. Audience databases and such are stored separately.
Wordpress has a feature, REST API. There is nothing exposed that is not already public (ie. articles and author names and bios). We disabled because we want to minimize bots stealing our article content.
Wordpress docs say: "If you are not a developer, the most important thing to understand about the API is that it enables the block editor and modern plugin interfaces without compromising the security or privacy of your site."
https://developer.wordpress.org/rest-api/
Also we do not store secure info in wordpress. Audience databases and such are stored separately.
Josh Carlson
Insurance Journal
Get Insurance Journal's Daily Headlines e-mailed to you. Sign up free here!
https://www.insurancejournal.com/subscribe
Insurance Journal
Get Insurance Journal's Daily Headlines e-mailed to you. Sign up free here!
https://www.insurancejournal.com/subscribe
-
OldIndyAgent
- Insurance Journal Addict
- Posts: 81
- Joined: Sat Mar 19, 2011 7:07 am
Re: Cyber News and Insurance Journal Data Breach
Why delete the original post then Josh?
Why not come out and say there was a security issue, no data was breached, and we fixed it.
Data that was behind a login was exposed publicly right?
pssst thats a data breach
Why not come out and say there was a security issue, no data was breached, and we fixed it.
Data that was behind a login was exposed publicly right?
pssst thats a data breach
-
Josh
- Insurance Journal Addict
- Posts: 32
- Joined: Fri Jul 12, 2002 10:01 pm
- Location: San Diego, CA
- Contact:
Re: Cyber News and Insurance Journal Data Breach
Read the wordpress explanation again "without compromising the security or privacy of your site".
People reading articles on our website is not a data breach.
If a post was deleted it's because it is misinformation.
People reading articles on our website is not a data breach.
If a post was deleted it's because it is misinformation.
Josh Carlson
Insurance Journal
Get Insurance Journal's Daily Headlines e-mailed to you. Sign up free here!
https://www.insurancejournal.com/subscribe
Insurance Journal
Get Insurance Journal's Daily Headlines e-mailed to you. Sign up free here!
https://www.insurancejournal.com/subscribe