Tag: data-breach
-
Millions of Email Servers Exposed Due to Missing TLS Encryption
Millions of email servers worldwide remain alarmingly vulnerable to cyberattacks due to a critical security oversight: the absence of Transport Layer Security (TLS) encryption. First seen on hackread.com Jump to article: hackread.com/millions-email-servers-exposed-missing-tls-encryption/
-
Washington State Filed Lawsuit Against T-Mobile Massive Data Breach
Washington State Attorney General Bob Ferguson filed a consumer protection lawsuit against T-Mobile for its alleged failure to secure sensitive personal information of over 2 million residents. This lawsuit comes in the wake of a massive data breach that exposed the personal details of Washingtonians, putting them at heightened risk of fraud and identity theft.…
-
The biggest data breach fines, penalties, and settlements so far
Tags: access, apache, attack, breach, business, china, ciso, communications, compliance, control, credentials, credit-card, cyberattack, cybercrime, cybersecurity, data, data-breach, email, finance, flaw, framework, GDPR, google, hacker, Hardware, identity, Internet, law, leak, linkedin, microsoft, mobile, monitoring, network, office, phone, privacy, regulation, risk, service, software, technology, tool, training, update, vulnerabilitySizable fines assessed for data breaches in recent years suggest that regulators are getting more serious about cracking down on organizations that don’t properly protect consumer data.Hit with a $ 1.3 billion fine for unlawfully transferring personal data from the European Union to the US, Meta tops the list of recent big-ticket sanctions, with one…
-
Casio says data of 8,500 people exposed in October ransomware attack
Japanese electronics manufacturer Casio says that the October 2024 ransomware incident exposed the personal data of approximately 8,500 people. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/casio-says-data-of-8-500-people-exposed-in-october-ransomware-attack/
-
Third-Party Data Breach Limited to Treasury Dept.
The breach was carried out by exploiting CVE-2024-12356 in BeyondTrust cybersecurity company, just last week. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/cisa-third-party-data-breach-limited-treasury-dept
-
The secret to your Artifactory: A Deep Dive into Critical Exposures
While Artifactory tokens aren’t the most common leaked secrets, GitGuardian’s research reveals their critical nature in corporate environments. Recent investigations across major industries show how these tokens frequently expose sensitive resources through build configurations and DevOps code. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/the-secret-to-your-artifactory-a-deep-dive-into-critical-exposures/
-
Washington state sues T-Mobile over 2021 data breach security failures
Washington state has sued T-Mobile over failing to secure the sensitive personal information of over 2 million Washington residents in a 2021 data breach. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/legal/washington-state-sues-t-mobile-over-2021-data-breach-security-failures/
-
Turbulence at UN aviation agency as probe into potential data theft begins
Crime forum-dweller claims to have leaked 42,000 documents packed with personal info First seen on theregister.com Jump to article: www.theregister.com/2025/01/07/icao_data_theft_investigation/
-
T-Mobile Sued by Washington State Over 2021 Data Breach
Attorney General Accuses Telecom of Failing to Correctly Notify Millions of Victims. Washington state’s attorney general filed a consumer protection lawsuit against T-Mobile over a massive 2021 data breach that exposed personally identifiable information for more than 79 million consumers, alleging in part the telecom failed to correctly notify victims. First seen on govinfosecurity.com Jump…
-
ADFS”Š”, “ŠLiving in the Legacy of DRS
ADFS”Š”, “ŠLiving in the Legacy of DRS It’s no secret that Microsoft have been trying to move customers away from ADFS for a while. Short of slapping a “deprecated” label on it, every bit of documentation I come across eventually explains why Entra ID should now be used in place of ADFS. And yet”¦ we still encounter…
-
UN aviation agency investigating possible data breach
The United Nation’s International Civil Aviation Organization (ICAO) confirmed on Monday that it’s >>actively investigating reports of a potential information … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/07/icao-un-aviation-agency-data-breach-security-incident/
-
UN aviation agency ‘actively investigating’ cybercriminal’s claimed data breach
The International Civil Aviation Organization (ICAO) said it was responding to claims of a data breach “allegedly linked to a threat actor known for targeting international organizations.”]]> First seen on therecord.media Jump to article: therecord.media/united-nations-icao-investigating-data-breach
-
Washington Attorney General Sues T-Mobile Over 2021 Data Breach
Washington State Attorney General Bob Ferguson has filed a lawsuit against T-Mobile over a 2021 data breach that impacted over 76 million consumers. The post Washington Attorney General Sues T-Mobile Over 2021 Data Breach appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/washington-attorney-general-sues-t-mobile-over-2021-data-breach/
-
Washington sues T-Mobile over 2021 data breach that spilled 79 million customer records
The 2021 breach affected at least 2 million Washington state residents, and tens of millions more customers around the United States. First seen on techcrunch.com Jump to article: techcrunch.com/2025/01/06/washington-sues-t-mobile-over-2021-data-breach-that-spilled-79-million-customer-records/
-
Thousands of BeyondTrust Systems Remain Exposed
Weeks after the critical vulnerability was reported and a hacking of the Treasury Department, nearly 9,000 BeyondTrust instances remain wide open to the Internet, researchers say — though it’s impossible to tell how many are still vulnerable. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/thousands-of-buggy-beyondtrust-systems-still-exposed
-
IT Giant Atos Responds to Ransomware Group’s Data Theft Claims
IT services giant Atos has responded to the data breach claims made by a ransomware group named Space Bears. The post IT Giant Atos Responds to Ransomware Group’s Data Theft Claims appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/it-giant-atos-responds-to-ransomware-groups-data-theft-claims/
-
12 cybersecurity resolutions for 2025
Tags: advisory, ai, api, attack, awareness, breach, business, ceo, chatgpt, china, ciso, communications, control, crowdstrike, cyber, cyberattack, cybersecurity, data, data-breach, deep-fake, defense, detection, email, identity, insurance, jobs, law, malicious, phishing, ransomware, risk, risk-assessment, risk-management, strategy, supply-chain, technology, threat, tool, training, vulnerabilityAs cyber threats continue to evolve, CISOs must prepare for an increasingly complex threat landscape. From dealing with AI-driven attacks to managing changing regulatory requirements, it’s clear that 2025 will be another big year for CISOs.But staying ahead requires more than just implementing the next cutting-edge set of tools or technologies. It demands a shift…
-
Privacy Roundup: Week 1 of Year 2025
Tags: access, ai, android, apple, authentication, botnet, breach, browser, business, captcha, chrome, compliance, cve, cybersecurity, data, data-breach, detection, email, encryption, exploit, finance, firmware, flaw, google, group, hacker, healthcare, HIPAA, infrastructure, injection, Internet, law, leak, login, malware, open-source, password, phishing, privacy, router, service, software, threat, tool, update, virus, vulnerabilityThis is a news item roundup of privacy or privacy-related news items for 29 DEC 2024 – 4 JAN 2024. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things overlap; for…
-
Dental Practice Pays State in Alleged Data Breach ‘Cover Up’
Indiana Attorney General Fines Westend Dental $350K in 2020 Ransomware Hack. An Indiana dental practice agreed to pay the state $350,000 and implement a long list of data security improvements following an alleged 2020 ransomware breach cover up that came to light when state regulators investigated a patient complaint about unfulfilled requests for dental X-rays.…
-
Richmond University Medical Center data breach impacted 674,033 individuals
Richmond University Medical Center has confirmed that a ransomware attack in May 2023 affected 670,000 individuals. New York’s Richmond University Medical Center confirmed a May 2023 ransomware attack impacted 674,033 individuals. Richmond University Medical Center (RUMC) is a healthcare institution based in Staten Island, New York. It provides a wide range of medical services, including…
-
Visionworks hit with lawsuit over data breach
First seen on scworld.com Jump to article: www.scworld.com/brief/visionworks-hit-with-lawsuit-over-data-breach
-
Censys researchers warn 8,600 BeyondTrust instances still exposed
As authorities investigate a December attack spree, the researchers added the;caveat that not all instances are considered vulnerable. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/Censys-warns-8600-exposed-beyondtrust/736416/
-
Online gift card store exposed hundreds of thousands of people’s identity documents
The gift card store secured the public cloud storage server containing customer ID documents, which was not protected with a password. First seen on techcrunch.com Jump to article: techcrunch.com/2025/01/03/online-gift-card-store-exposed-hundreds-of-thousands-of-peoples-identity-documents/
-
In Other News: Volkswagen Data Leak, DoubleClickjacking, China Denies Hacking US Treasury
Noteworthy stories that might have slipped under the radar: location data of 800,000 electric Volkswagen cars leaked, DoubleClickjacking attack, China denies hacking US Treasury. The post In Other News: Volkswagen Data Leak, DoubleClickjacking, China Denies Hacking US Treasury appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/in-other-news-volkswagen-data-leak-doubleclickjacking-china-denies-hacking-us-treasury/
-
New York Hospital Says Ransomware Attack Data Breach Impacts 670,000
Richmond University Medical Center has been investigating a ransomware attack since May 2023 and it recently determined that it affects 670,000 people. The post New York Hospital Says Ransomware Attack Data Breach Impacts 670,000 appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/new-york-hospital-says-ransomware-attack-data-breach-impacts-670000/
-
Secure by design vs by default which software development concept is better?
Tags: access, api, application-security, attack, business, cisa, cloud, control, cyber, cybersecurity, data, data-breach, exploit, framework, guide, Hardware, infrastructure, malicious, mfa, nist, programming, resilience, risk, saas, security-incident, service, software, supply-chain, technology, threat, tool, update, vulnerabilityAs cybersecurity professionals, we need to know that the software products we acquire are safe and able to support or accommodate the procedures and tools we use to keep attackers at bay while performing their given functions.With attacks perennially on the rise and the software supply chain remaining as vulnerable as ever, there is momentum…
-
Best of 2024: National Public Data (NPD) Breach: Essential Guide to Protecting Your Identity
Following the publication of our in-depth analysis on the National Public Data (NPD) breach last week, Constella Intelligence received several inquiries about how to safeguard against identity attacks using the exposed SSNs. The recent National Public Data (NPD) breach stands as the largest social security number (SSN) exposures in history. With 292 million individuals exposed,……
-
Volkswagen Breach Exposes Data of 800K EV Customers
Ethical hacking group Chaos Computer Club uncovered exposed data of electrical vehicle owners across the company’s VW, Audi, Seat, and Skoda brands. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/volkswagen-breach-exposes-data-of-800k-customers
-
Microsoft Sentinel: A cloud-native SIEM with integrated GenAI
Tags: ai, attack, automation, breach, business, cloud, cyber, cybersecurity, data, data-breach, detection, edr, intelligence, microsoft, risk, siem, skills, soar, soc, technology, threat, tool, training, vulnerabilityIn a recent survey, 74% of cybersecurity professionals said that the threat landscape is the worst they’ve seen in 5 years.1 Escalating cyber threats, an expanding attack surface, and staffing shortages are putting tremendous pressure on the security operations center (SOC).It’s never been more important to have the right tools in place, especially when it…