Since April 2020, unidentified cyber actors have actively targeted vulnerable SonarQube instances to access source code repositories of US government agencies and private businesses. Keep Reading
According to GAO's analysis of K-12 Cybersecurity Resource Center (CRC) data from July 2016 to May 2020, thousands of K-12 students were affected by 99 reported data breaches, one type of cybersecurity incident in which data are compromised. Keep Reading
Organizations can detect malicious insiders from the time they access the network – before they have a chance to act. Keep Reading
The data breach the Department of Veterans Affairs announced exposed personal information for 46,000 veterans, but it also hit several thousand community care providers that supplement the agency’s medical program. Keep Reading
Data breaches exposing millions of personal records are becoming the new normal. Data leaks reached an all-time high, rising by 492% to a record 27 billion in the first half of 2020. Keep Reading
While consumers have been inundated with coronavirus-related scams and identity theft, the number of publicly reported data breaches actually dropped during the first half of 2020. Keep Reading
The MGM Resorts 2019 data breach is much larger than initially reported, and is now believed to have impacted more than 142 million hotel guests, and not just the 10.6 million that ZDNet initially reported back in February 2020. Keep Reading
The University of California San Francisco (UCSF) says that it paid $1.14 million to the Netwalker ransomware operators who successfully breached the UCSF School of Medicine’s IT network, stealing data and encrypting systems. Keep Reading
A newly unclassified internal CIA report found that a massive 2017 data breach of the agency that enabled classified information to be sent to WikiLeaks was caused by the CIA failing to secure its own systems. Keep Reading
Amtrak, the national rail service for the US, has suffered a data breach that may have exposed some customers’ logins and other personally identifiable information (PII), the service has disclosed. Keep Reading
The budget European airline, which has seen its fleet grounded by coronavirus, said the unauthorized access to its systems had been closed off. Keep Reading
The Justice Department notified the U.S. Marshals on December 30, 2019, of a data breach affecting a public-facing server storing personal information on current and former prisoners in its custody. Keep Reading
Twitter has been forced to take down thousands of breached email addresses and passwords from US and global health organizations first disseminated by alleged Neo-Nazi groups. Keep Reading
With the insidious Maze ransomware, victims can no longer hit “reset” on their backup and recovery systems and ignore the criminal’s demand for cash because the virus exports the victim’s data to the attacker. Keep Reading
Two San Francisco International Airport (SFO) websites have been targeted by cyber criminals. The attackers inserted malicious computer code on these websites to steal some users’ login credentials. Keep Reading
The information taken may have included names, addresses, phone numbers, birthdays, loyalty information for linked companies like airlines and room preferences. Keep Reading
Four years ago, Lexmark International Inc. was hit with a stubborn computer virus that tied up some members of its cybersecurity team for months. The Kwampirs malware had “run rampant,” said Bryan Willett, Lexmark’s chief information security officer. Keep Reading
The Defense Information Systems Agency notified potential victims of the breach in a letter this month, saying it had tightened protocols for protecting personally identification information (PII) because of the incident. Keep Reading
Year over year from 2018 to 2019, the number of records exposed by cloud misconfigurations rose by 80%, as did the total cost to companies associated with those lost records. Keep Reading
DATA PRIVACY DAY: Aura of ambiguity around the new legislation has led to a slow start for enforcement. Keep Reading