A lawsuit by an Idaho-based data marketing and analytics vendor against the U.S. Federal Trade Commission is the latest legal dispute spotlighting growing privacy concerns related to the tracking and collection of consumers' healthcare-related and location data.
ENISA’s new "Threat Landscape for Ransomware Attacks" report analyzes 623 ransomware incidents in the EU, U.K. and U.S. from 2021 to 2022. ENISA cybersecurity officer Ifigeneia Lella shares how attacks have evolved and how 95% of reported incidents lack key data about how the breaches occurred.
Some 60 breaches affecting about 2.5 million individuals were added in July to the federal tally of major health data breaches. A vast majority of 2022 breaches continue to be linked to large hacking incidents and ransomware demands - with 40% tied to outside vendors.
Cisco says it fell victim to a successful hack attack and data breach in May. While an attacker wielding Yanluowang ransomware claimed to have exfiltrated data and crypto-locked systems, Cisco says nothing sensitive was stolen and no systems were infected by ransomware.
Two hacking incidents - one reported by a Texas-based substance abuse treatment network that operates in several states and the other by a New Mexico community health center - have affected the sensitive medical information of nearly 300,000 individuals.
APIs are now the largest attack vector for abuse, data loss and fraud across nearly every industry. In addition, organizations are using outdated, unreliable methods to API security, and aren’t yet including the protection of the API layer in those plans. These approaches are proving insufficient, especially given...
Twilio, which runs a customer engagement platform used by thousands of businesses, says that its employees were tricked via SMS phishing messages into giving attackers their login credentials, resulting in the theft of information on customers, as well as their customers and end users.
With attack surface sprawl and growing numbers of vulnerabilities to address, security and IT teams are increasingly challenged to meet remediation targets. To overcome this problem, teams need an automated way of identifying and correlating the highest risk vulnerabilities with the right remediation steps.
For...
With attack surface sprawl and growing numbers of vulnerabilities to address, security and IT teams are increasingly challenged to meet remediation targets. To overcome this problem, teams need an automated way of identifying and correlating the highest risk vulnerabilities with the right remediation steps.
For...
The ISMG Security Report analyzes a settlement with the U.S. Justice Department, in which Uber accepts responsibility for a data breach cover-up to avoid criminal charges. It also discusses why early-stage startups are conserving cash and recent initiatives from the U.S. Federal Trade Commission.
Data breaches in the healthcare sector cost about $10.1 million - more than double the average cost of breaches across other industries - once again ranking the sector as having the most expensive data breaches, says Limor Kessem, principal consultant of cyber crisis management at IBM Security.
Ride-sharing service Uber has reached an agreement with the U.S. Department of Justice to resolve a criminal investigation into its massive 2016 data breach. After Uber admitting to covering up the data breach, as well as several other factors, the government has ended its prosecution.
A proposed $350 million settlement of a consolidated class action lawsuit against T-Mobile, after a 2021 data breach that affected nearly 77 million people, includes breach victims and related legal costs. The settlement requires T-Mobile to invest $150 million to bolster data security.
A misconfigured Alibaba private cloud server has led to the leak of around 1 billion Chinese nationals' personal details. An unknown hacker, identified as "ChinaDan," posted an advertisement on a hacker forum selling 23 terabytes of data for 10 bitcoins, equivalent to about $200,000.
India's stock brokers and depository participants must now report all cyberattacks and breaches to the Securities and Exchange Board of India within six hours of detection under a mandate implementing what is likely the world's tightest breach reporting timeline requirement.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
