Tag: breach
-
Navia Confirms Data Breach Exposing Sensitive Information of 2.7 Million Users
Navia Benefit Solutions has confirmed a significant data breach impacting nearly 2.7 million individuals. The incident resulted from unauthorised access to the company’s systems, exposing sensitive personal and health plan information. As a prominent administrator of employee benefits for over 10,000 employers in the United States, Navia holds a vast amount of sensitive data, including…
-
SpyCloud’s 2026 Identity Exposure Report Reveals Explosion of Non-Human Identity Theft
Tags: ai, authentication, automation, breach, cloud, credentials, cybercrime, cybersecurity, dark-web, data, data-breach, government, identity, malware, monitoring, password, phishing, ransomware, supply-chain, theft, threat, tool67 / sixseven: 140.4Msweet / cookie / candy / cake / pie: 5.7Mchiefs / kansas city chiefs: 5M2025: 4.1Mapple / banana / orange / strawberry / fruit: 2.6MPassword reuse remains widespread, and the report also identified 1.1 million password manager master passwords circulating in underground sources, raising concerns about vault-level compromise when master credentials are…
-
SpyCloud’s 2026 Identity Exposure Report Reveals Explosion of Non-Human Identity Theft
Tags: ai, authentication, automation, breach, cloud, credentials, cybercrime, cybersecurity, dark-web, data, data-breach, government, identity, malware, monitoring, password, phishing, ransomware, supply-chain, theft, threat, tool67 / sixseven: 140.4Msweet / cookie / candy / cake / pie: 5.7Mchiefs / kansas city chiefs: 5M2025: 4.1Mapple / banana / orange / strawberry / fruit: 2.6MPassword reuse remains widespread, and the report also identified 1.1 million password manager master passwords circulating in underground sources, raising concerns about vault-level compromise when master credentials are…
-
Breach Roundup: Fancy Bear in Schmancy OpSec Failure
Also, Telus Breach, Microsoft Hotpatching, Interpol Malicious IP Takedown. This week, Russian hacker OpSec failure, Interpol helped disrupt 45,000 malicious IPs, the FBI is looking for an ATM jackpotting suspect and Telus disclosed a breach. Windows hotpatching, an FTP exploit, a foiled attack on a nuclear research center and China-linked espionage. First seen on govinfosecurity.com…
-
Breach Roundup: Fancy Bear in Schmancy OpSec Failure
Also, Telus Breach, Microsoft Hotpatching, Interpol Malicious IP Takedown. This week, Russian hacker OpSec failure, Interpol helped disrupt 45,000 malicious IPs, the FBI is looking for an ATM jackpotting suspect and Telus disclosed a breach. Windows hotpatching, an FTP exploit, a foiled attack on a nuclear research center and China-linked espionage. First seen on govinfosecurity.com…
-
Anton’s Security Blog Quarterly Q1 2026
Tags: ai, automation, breach, ciso, cloud, control, defense, detection, framework, google, governance, infrastructure, mandiant, metric, RedTeam, risk, service, siem, soc, software, supply-chain, threat, update, vulnerability, vulnerability-managementMy Anton’s Security Blog (And Podcast!) Quarterly this covers both Anton on Security and my posts from Google Cloud blog, Google Cloud community blog, and our Cloud Security Podcast (subscribe on Spotify, now with VIDEO). Gemini image for this Top 10 posts with the most lifetime views (excluding paper announcement blogs): Anton’s Alert Fatigue: The Study [A.C.”Š”,…
-
Anton’s Security Blog Quarterly Q1 2026
Tags: ai, automation, breach, ciso, cloud, control, defense, detection, framework, google, governance, infrastructure, mandiant, metric, RedTeam, risk, service, siem, soc, software, supply-chain, threat, update, vulnerability, vulnerability-managementMy Anton’s Security Blog (And Podcast!) Quarterly this covers both Anton on Security and my posts from Google Cloud blog, Google Cloud community blog, and our Cloud Security Podcast (subscribe on Spotify, now with VIDEO). Gemini image for this Top 10 posts with the most lifetime views (excluding paper announcement blogs): Anton’s Alert Fatigue: The Study [A.C.”Š”,…
-
Anton’s Security Blog Quarterly Q1 2026
Tags: ai, automation, breach, ciso, cloud, control, defense, detection, framework, google, governance, infrastructure, mandiant, metric, RedTeam, risk, service, siem, soc, software, supply-chain, threat, update, vulnerability, vulnerability-managementMy Anton’s Security Blog (And Podcast!) Quarterly this covers both Anton on Security and my posts from Google Cloud blog, Google Cloud community blog, and our Cloud Security Podcast (subscribe on Spotify, now with VIDEO). Gemini image for this Top 10 posts with the most lifetime views (excluding paper announcement blogs): Anton’s Alert Fatigue: The Study [A.C.”Š”,…
-
Worker Benefits Administrator Notifying 2.7M of Hack
Navia Benefit Solutions Says Potential Data Theft Took Place Over 3-Week Period. A Washington-state based employee benefits administrator is notifying nearly 2.7 million individuals that their information, including health plan and personal details such as Social Security numbers, was potentially stolen in a hacking incident discovered in January. First seen on govinfosecurity.com Jump to article:…
-
Worker Benefits Administrator Notifying 2.7M of Hack
Navia Benefit Solutions Says Potential Data Theft Took Place Over 3-Week Period. A Washington-state based employee benefits administrator is notifying nearly 2.7 million individuals that their information, including health plan and personal details such as Social Security numbers, was potentially stolen in a hacking incident discovered in January. First seen on govinfosecurity.com Jump to article:…
-
Navia discloses data breach impacting 2.7 million people
Navia Benefit Solutions, Inc. (Navia) is informing nearly 2.7 million individuals of a data breach that exposed their sensitive information to attackers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/navia-discloses-data-breach-impacting-27-million-people/
-
News alert: SpyCloud study reveal stolen tokens, session data fuel surge in non-human identity attacks
AUSTIN, Texas, Mar. 19, 2026, CyberNewswire”, SpyCloud, the leader in identity threat protection, today released its annual 2026 Identity Exposure Report, one of the most comprehensive analyses of stolen credentials and identity exposure data circulating in the… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/news-alert-spycloud-study-reveal-stolen-tokens-session-data-fuel-surge-in-non-human-identity-attacks/
-
Feds keep eyes peeled for Iran cyberattacks, respond to Stryker breach
There’s been no visible surge, at least not yet, said DOD’s Terry Kalka and CISA’s Nick Andersen. First seen on cyberscoop.com Jump to article: cyberscoop.com/feds-keep-eyes-peeled-for-iran-cyberattacks-respond-to-stryker-breach/
-
AI-Powered Adaptive Authentication and Behavioral Biometrics: The Enterprise Guide 2026
60% of phishing breaches now bypass traditional MFA. Learn how AI-powered adaptive authentication and behavioral biometrics create continuous security without adding friction, with real deployment data and implementation roadmap. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/ai-powered-adaptive-authentication-and-behavioral-biometrics-the-enterprise-guide-2026/
-
US lawmakers quiz Meta over ‘dangerous’ facial recognition plans for smart glasses
Democratic senators warn that Meta’s plans to introduce facial recognition technology into smart glasses could lead to normalisation of mass surveillance and breach citizens’ rights First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366640518/US-lawmakers-quiz-Meta-over-dangerous-facial-recognition-plans-for-smart-glasses
-
Your tax forms sell for $20 on the dark web
Tax season is also peak season for identity theft. Malwarebytes researchers spotted criminals trading stolen tax records on dark web forums. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/your-tax-forms-sell-for-20-on-the-dark-web/
-
Russian hackers exploit Zimbra flaw to breach Ukrainian maritime agency
The Russian state-backed hacker group APT28 targeted a Ukrainian government agency by exploiting a vulnerability in Zimbra webmail software. First seen on therecord.media Jump to article: therecord.media/russia-hackers-ukraine-zimbra-breach
-
CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
CISA warned U.S. organizations to follow Microsoft guidance to strengthen the Intune endpoint management tool after a cyberattack exploited it to wipe medical technology giant Stryker’s systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-businesses-to-secure-microsoft-intune-systems-after-stryker-breach/
-
Identity-Centric Security Strategies for Hybrid Workforces
In the hybrid work era, 80% of breaches stem from compromised credentials. Explore why identity-centric security and Zero Trust are now the “only perimeter that matters,” and learn practical strategies for IAM, MFA, and automated governance to secure your modern workforce. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/identity-centric-security-strategies-for-hybrid-workforces/
-
The multi-billion dollar mistake: Why cloud misconfigurations are your biggest security threat
Most cloud setup errors, 8 out of 10, happen because people slip up, not because code fails.One out of three cloud setups sits empty, ignored by any oversight. A third of online storage spaces get zero attention from monitors.Almost one out of every two hundred storage units on Amazon’s cloud sits open, per a 2024…
-
The multi-billion dollar mistake: Why cloud misconfigurations are your biggest security threat
Most cloud setup errors, 8 out of 10, happen because people slip up, not because code fails.One out of three cloud setups sits empty, ignored by any oversight. A third of online storage spaces get zero attention from monitors.Almost one out of every two hundred storage units on Amazon’s cloud sits open, per a 2024…
-
Your MFA isn’t broken, it’s being bypassed, and your employees can’t tell the difference
Three failures that keep showing up: Through my research into adversary-in-the-middle attacks and reviewing industry incident reports, I have identified three consistent failures that make these attacks successful. 1. We trained our people for the wrong threat Most security awareness programs still teach the same things: Look for misspellings, check the sender address, hover over…
-
Your MFA isn’t broken, it’s being bypassed, and your employees can’t tell the difference
Three failures that keep showing up: Through my research into adversary-in-the-middle attacks and reviewing industry incident reports, I have identified three consistent failures that make these attacks successful. 1. We trained our people for the wrong threat Most security awareness programs still teach the same things: Look for misspellings, check the sender address, hover over…
-
US lawmakers quiz Meta over ‘dangerous’ facial-recognition plans for smart glasses
Democratic senators warn that Meta’s plans to introduce facial-recognition technology into smart glasses could lead to normalisation of mass surveillance and breach citizens’ rights First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366640518/US-lawmakers-quiz-Meta-over-dangerous-facial-recognition-plans-for-smart-glasses
-
Bank software vendor Marquis says more than 670,000 impacted by August breach
The company, which provides software that allows financial institutions to communicate with customers, previously warned in November that at least 74 banks, credit unions and financial institutions were impacted by a data breach. First seen on therecord.media Jump to article: therecord.media/marquis-bank-vendor-data-breach