We recently received a “security report” from an insurance underwriter related to our Cyber Liability policy. Included in the report was the one and only incident that a user had with an email threat. The threat was promptly identified and remediated. My question, since the information included the users email address, time and date of the incident, how did the insurance underwriter get this information? The only place it is contained is within our webroot data. Are you know selling our security history logs with usernames, PII, etc.? If so, we will be dropping Webroot like a rock.
Userlevel 6
+26
From the WR side, if something was remediated, the users data isn’t captured in any logs, the backend systems or otherwise. The only items captured are for internal analysis like, the threat binary, hash, heuristic aspects and other technical binary information, device ID, but user information isn’t captured. Email isn’t captured in any logs or the console.
So, consequently, WR does not sell log information, user details or otherwise as the information isn’t presented or available.
The specific incident should be reviewed and our support team may be able to help you ascertain how that information was breached, but it had to come from another source.
Privacy is extremely important. Reference our privacy policy page for more details. Privacy Statements.
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.