High street retailer WH Smith reports that it suffered a hack attack that led to the exposure of current and former employees' personal data, but no exposure of customer data or website disruption. It's the latest big British business in recent months to suffer a data breach or ransomware attack.
Five proposed class action lawsuits have been filed so far in the wake of a California medical group's Feb. 1 report of a ransomware attack last December affecting more than 3.3 million individuals. The incident is the largest health data breach reported to federal regulators so far this year.
Lehigh Valley Health Network, which operates 13 hospitals and numerous physician practices and clinics in eastern Pennsylvania, says it has been hit with an attack by Russian-based ransomware-as-a-service group BlackCat. The network says it didn't pay a ransom and operations were not disrupted.
Two recent separate hacking incidents involving attackers stealing copies of sensitive protected health information have affected more than 1 million patients of a New Jersey healthcare system and an Alabama cardiovascular clinic. Victims get free credit monitoring and identity restoration services.
In the wake of recent cyberthreats aimed at Australia's critical infrastructure, the country has adopted a new risk management program to strengthen its resilience and security in these key sectors. The new rules will help businesses prepare for, prevent and mitigate emerging threats.
Ireland's child and family agency, Tusla, says it is beginning a months-long process to notify 20,000 individuals that their personal information was exposed in the May 2021 ransomware attack against the Health Service Executive, which formerly managed Tusla's IT systems.
In the latest weekly update, ISMG editors discuss the ESXiArgs ransomware campaign that has snared 2,800 victims, the data breach reported in an SEC filing by a multistate hospital chain, and Check Point's building of SD-WAN capabilities that are integrated with the company's network security stack.
The Play ransomware group listed networking hardware manufacturer A10 Networks on its leak site after briefly gaining access to the company's IT infrastructure, according to data breach notifications firm BetterCyber. The Play group says it has confidential data, technical documentation and more.
Three of the planet's largest social media platforms suffered outages Wednesday, blocking some users at Twitter, Instagram and YouTube from accessing their accounts. At Twitter, many users received a message Wednesday saying they were "over the daily limit" and were unable to post.
In the latest weekly update, ISMG editors discuss the lasting effects of the takedown of the Hive ransomware group, why the U.S. government is warning of a surge in Russian DDoS attacks on hospitals, and why the lack of transparency in U.S. breach notices is creating more risk for consumers.
The Identity Theft Resource Center's 2022 Annual Data Breach Report reveals a near-record number of compromises - the second-highest number in 17 years. ITRC COO James Lee worries that a sudden lack of transparency in breach notices is creating more risk for consumers.
ISACA's recently published Privacy in Practice 2023 survey report shares new research related to the privacy workforce, privacy skills, privacy by design and the future of privacy. Expert Safia Kazi shares ways organizations can align privacy goals with business objectives.
Serial entrepreneur Arvind Parthasarathi has started the company Cygnvs, which streamlines and secures communication between internal and external stakeholders after a cyberattack. Cygnvs emerged from stealth with 90 employees, 1,000 customers, $55 million of funding and a generally available tool.
Gen Digital, owner of the Norton LifeLock brand, is notifying more than 6,000 U.S. individuals that hackers might have the valid credentials for logging onto their Norton Password Manager after the company detected a credential stuffing attack in December.
The Vice Society ransomware group today claimed responsibility for a December 2022 attack on an Australian state fire department that led to a widespread IT outage. Fire Rescue Victoria warned current and former employees and job applicants of data leak.