Tom Kellermann has never tempered his criticism of U.S. cybersecurity policies. But he is openly enthusiastic about the National Cybersecurity Strategy unveiled March 2. "I was blown away," Kellermann says about the Biden administration's new five-pillar policy. "Seriously, this is a true strategy."
In this week's roundup: an incident affecting News Corp and ransomware at Dish Network, Washington's Pierce Transit and the U.S. Marshals Service. Also: a DDoS attack on Danish hospitals from a threat actor that isn't what it claims and a bit of good news about a ransomware decryptor.
High street retailer WH Smith reports that it suffered a hack attack that led to the exposure of current and former employees' personal data, but no exposure of customer data or website disruption. It's the latest big British business in recent months to suffer a data breach or ransomware attack.
The Biden administration has unveiled its new national cybersecurity strategy, detailing top challenges facing the U.S. and plans for addressing them. Goals include minimum security requirements for critical infrastructure sector organizations and liability for poor software development practices.
Summa Equity bought a majority stake in Logpoint to help the security operations firm expand in areas such as automation, detection and response, and attack surface management. The sustainable growth fund says the acquisition will allow the company to acquire technologies in adjacent areas.
Okta Identity Governance has enjoyed success in its first quarter of global availability as businesses unify access management and governance. Okta is surprised by the amount of traction its governance offering has gained with large enterprises and in competitive bake-offs, says CEO Todd McKinnon.
Irish authorities have fined a healthcare organization 460,000 euros - about $490,000 - for a 2019 Calum ransomware breach that compromised sensitive information of 70,000 patients, including the permanent deletion of data for about 2,500 of them.
The European agency responsible for overseeing consistent application of privacy law on the continent says it has reservations about the legal framework underpinning commercial trans-Atlantic data flows as the framework moves toward formal acceptance by the European Commission.
The Federal Trade Commission is warning Amazon and One Medical to abide by their promises to protect consumers' data privacy. The statement comes in the wake of Amazon's $3.9 billion purchase of the primary healthcare on-site and virtual services provider.
Security researchers uncovered an investment scam network that draws on an online infrastructure of hundreds of hosts and thousands of domains to target primarily Indian victims by impersonating Fortune 100 companies. Most payment amounts defaulted to Indian rupees.
As U.S. prosecutors continue to probe collapsed cryptocurrency exchange FTX, Nishad Singh, the former head of engineering, has pleaded guilty to multiple criminal charges and agreed to assist prosecutors with their case against founder Sam Bankman-Fried, accused of orchestrating billions in fraud.
Faster payment technology has been around for years, but fraud continues to dominate the conversation, says Reed Luhtanen of the U.S. Faster Payments Council. Luhtanen says all payment systems have a fraud problem, and firms will be able to curb faster payment fraud with more experience and data.
The situation at LastPass keeps getting worse: The company says hackers implanted keylogger software on a DevOps employee's home computer to obtain access to the corporate vault. Customer vault data can be decrypted only with the end user master password, which LastPass doesn't store.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.