What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-08-16 17:06:00 | When Efforts to Contain a Data Breach Backfire (lien direct) | Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. The missive alleged that an auction on the site for data stolen from 10 million customers of Mexico's second-largest bank was fake news and harming the bank's reputation. The administrator responded to this empty threat by purchasing the stolen banking data and leaking it on the forum for everyone to download. | Data Breach Threat | ||
 |
2022-08-16 02:00:00 | The 12 biggest data breach fines, penalties, and settlements so far (lien direct) | Sizable fines assessed for data breaches since 2019 suggest that regulators are getting more serious about organizations that don't properly protect consumer data. Marriott was hit with a $124 million fine, later reduced, while Equifax agreed to pay a minimum of $575 million for its 2017 breach. Now, the Equifax fine has been eclipsed by the $1.19 billion fine levied against the Chinese firm Didi Global for violating that nation's data protection laws, and by the $877 million fine against Amazon last year for running afoul of the General Data Protection Regulation (GDPR) in Europe.To read this article in full, please click here | Data Breach | Equifax Equifax | |
 |
2022-08-15 17:46:24 | Twilio hack exposed Signal phone numbers of 1,900 users (lien direct) | Phone numbers of close to 1,900 Signal users were exposed in the data breach Twilio cloud communications company suffered at the beginning of the month. [...] | Data Breach Hack | ||
 |
2022-08-12 16:25:57 | The potential consequences of data breach, and romance scams – Week in security with Tony Anscombe (lien direct) | The NHS was victim of a potential cyberattack, which raises the question of the impact of those data breach for the public. | Data Breach | ||
 |
2022-08-11 16:15:09 | Video | Sontiq BreachIQ™ (lien direct) | >
Every data breach differs in terms of the type, amount and sensitivity of the information stolen. BreachIQ™ takes identity protection to the next level by providing hyper-personalized data breach insights and customized action plans based on an individual's unique breach history and risk exposure - providing their own dynamic Identity Safety Score.
|
Data Breach | ||
 |
2022-08-11 11:59:50 | 120K Priority Health Members Impacted By Third-Party Data Breach (lien direct) | Following news that priority Health issued a notice about a third-party data breach that originated at the law firm Warner Norcross & Judd (WNJ) in October 2021 (https://healthitsecurity.com/news/120k-priority-health-members-impacted-by-third-party-data-breach), cyber security experts explain the risk of third party companies. | Data Breach | ||
 |
2022-08-10 13:48:54 | Hackers behind Twilio data breach also targeted Cloudflare employees (lien direct) | >Cloudflare revealed that at least 76 employees and their family members were targeted by smishing attacks similar to the one that hit Twilio. The content delivery network and DDoS mitigation company Cloudflare revealed this week that at least 76 employees and their family members received text messages on their personal and work phones. According to […] | Data Breach | ||
 |
2022-08-10 10:00:00 | Security Automation Can Save You $3.05M in a Data Breach (lien direct) | >When it comes to reducing security breach costs, companies with security artificial intelligence (AI) and automation can save millions, per a new report. According to the most recent IBM Cost of a Data Breach Report, organizations with fully deployed security AI and automation save $3.05 million per data breach compared to those without. That’s a 65.2% […] | Data Breach | ||
|
2022-08-10 02:00:00 | U.S. Federal Court breach reveals IT and security maturation issues (lien direct) | In late July 2022, Politico ran a story detailing how the U.S. Department of Justice was investigating a recent data breach of the federal court system, which dated back to early 2020. The chair of the House Judiciary Committee, Jerrold Nadler (D-NY), described the breach as a “system security failure of the U.S. Courts' document management system.”On the same day, July 28, 2022, the U.S. Government Accountability Office (GAO) published the report GAO-22-105068 “U.S. Courts: Action Needed to Improve IT Management and Establish a Chief Information Officer.” The GAO report described systemic shortcomings in the administration of the U.S. court system, including the lack of a CIO, to oversee the substantive infrastructure.To read this article in full, please click here | Data Breach | ||
 |
2022-08-09 10:08:23 | Twilio Suffers Phishing Based Data Breach (lien direct) | Twilio, the communications giant, has confirmed that hackers accessed customer data after successfully tricking employees into handing over their corporate login credentials. The company, based in San Francisco, allows users to build voice and SMS capabilities, such as two-factor authentication (2FA), into applications, said that it became aware that someone gained “unauthorised access” to information […] | Data Breach | ||
|
2022-08-09 09:25:56 | How to stay safe from cybercriminals and avoid data breaches (lien direct) | A data breach is any person's nightmare. It can affect you mentally and financially, and an 100% unhackable device or account necessitates taking precautionary measures. Hackers target small and medium businesses as they don't have the resources to pay for cybersecurity tools and network upgrades to protect their data against the latest cybercriminals' tricks as […] | Data Breach | ||
 |
2022-08-09 07:24:25 | Twilio Suffers Data Breach After Employees Fall Victim to SMS Phishing Attack (lien direct) | Customer engagement platform Twilio on Monday disclosed that a "sophisticated" threat actor gained "unauthorized access" using an SMS-based phishing campaign aimed at its staff to gain information on a "limited number" of accounts. The social-engineering attack was bent on stealing employee credentials, the company said, calling the as-yet-unidentified adversary "well-organized" and "methodical | Data Breach Threat | ||
 |
2022-08-09 00:00:00 | Twitter data breach affects 5.4M users (lien direct) | >Categories: PrivacyTwitter has confirmed a data breach on July 2. (Read more...) | Data Breach | ||
 |
2022-08-08 21:29:35 | How to find out if you are involved in a data breach -- and what to do next (lien direct) | Here's a guide highlighting the tools you can use to determine if your account is at risk. | Data Breach | ||
|
2022-08-08 18:16:46 | (Déjà vu) Twilio discloses data breach that impacted customers and employees (lien direct) | >Communications company Twilio discloses a data breach after threat actors have stolen employee credentials in an SMS phishing attack. Communications company Twilio discloses a data breach, threat actors had access to the data of some of its customers. The attackers accessed company systems using employee credentials obtained through a sophisticated SMS phishing attack. Twilio is […] | Data Breach Threat | ||
|
2022-08-08 14:17:51 | Email marketing firm hacked to steal crypto-focused mailing lists (lien direct) | Email marketing firm Klaviyo disclosed a data breach after threat actors gained access to internal systems and downloaded marketing lists for cryptocurrency-related customers. [...] | Data Breach Threat | ||
|
2022-08-08 10:37:06 | Twilio discloses data breach after SMS phishing attack on employees (lien direct) | Cloud communications company Twilio says some of its customers' data was accessed by attackers who breached internal systems after stealing employee credentials in an SMS phishing attack. [...] | Data Breach | ||
|
2022-08-05 22:08:30 | Twitter confirms zero-day used to access data of 5.4 million accounts (lien direct) | >Twitter confirmed that the recent data breach that exposed data of 5.4 million accounts was caused by the exploitation of a zero-day flaw. At the end of July, a threat actor leaked data of 5.4 million Twitter accounts that were obtained by exploiting a now-fixed vulnerability in the popular social media platform. The threat actor offered […] | Data Breach Vulnerability Threat | ||
|
2022-08-05 12:00:00 | Twitter confirms zero-day used to expose data of 5.4 million accounts (lien direct) | Twitter has confirmed a recent data breach was caused by a now-patched zero-day vulnerability used to link email addresses and phone numbers to users' accounts, allowing a threat actor to compile a list of 5.4 million user account profiles. [...] | Data Breach Vulnerability Threat | ||
|
2022-08-03 15:22:35 | APIs attacked in 94% of companies in past year (lien direct) | Salt Security, the API security company, today released the Salt Labs State of API Security Report, Q3 2022. In its latest edition, the bi-annual report found that 94% of survey respondents experienced security problems in production APIs in the past year, with 20% stating their organisations suffered a data breach as a result of security […] | Data Breach | ||
 |
2022-08-03 12:50:01 | New Data Breach Extortion Attack Begins with a Fake Duolingo or MasterClass Subscription Scam (lien direct) |
|
Data Breach | ||
 |
2022-08-02 22:30:39 | Black Kite: Cost of data breach averages $15 million (lien direct) | >With the median cost per incident coming in at $130,000, most data breaches do not cross the $1 million threshold. | Data Breach | ||
|
2022-08-01 13:00:00 | How to Prepare for and Respond to a Data Privacy Breach (lien direct) | >Before I started covering cybersecurity, I thought the term ‘breach’ had a single meaning — that an attacker stole data from a computer system. I also thought all the different versions of the word meant the same thing. However, I’ve since learned the nuances and differences between a breach, a data breach and a data […] | Data Breach | ||
|
2022-08-01 10:39:47 | (Déjà vu) Congress Warns of US Court Records Data Breach (lien direct) | Lawmakers on the Hill revealed last week that a cyber-attack on the US justice system had compromised a public document management system. Jerrold Nadler (D-NY), chairman of the House Judiciary Committee, revealed the discovery at a hearing on oversight in the Justice Department. Nadler disclosed that three hostile actors had breached the Public Access to Court […] | Data Breach | ||
|
2022-08-01 07:44:00 | Global cost of data breach reaches record high of $4.35 million: IBM (lien direct) | The global average cost of data breaches reached an all-time high of $4.35 million in 2022 compared with $4.24 million in 2021, according to a new IBM Security report. About 60% of the breached organizations raised product and services prices due to the breaches.The annual report, conducted by Ponemon Institute and analyzed and sponsored by IBM Security, is based on the analysis of real-world data breaches experienced by 550 organizations globally between March 2021 and March 2022. According to the report, about 83% of the organizations have experienced more than one breach in their lifetime, with nearly half of the costs reported to be incurred more than a year after the breach.To read this article in full, please click here | Data Breach | ||
|
2022-08-01 05:07:00 | BrandPost: Solving the Challenges of Remediating Configuration Settings (lien direct) | A data breach can result in catastrophic consequences for any organization. Ensuring that your IT environment is safe from cyber threats can be a real challenge.To keep intruders out of your networks and data, you need more than up-to-date guidance. You also need to continually assess system configurations for conformance to security best practices and harden thousands of individual settings in your environment.But where do you start?Begin with recognized security best Practices The CIS Critical Security Controls (CIS Controls) are a prioritized set of actions that mitigate the most common cyber attacks. They translate cyber threat information into action. The CIS Benchmarks are secure configuration recommendations designed to safeguard systems against today's evolving cyber threats. Both CIS best practices provide organizations of all sizes with specific and actionable recommendations to enhance cyber defenses. Both are also mapped to or referenced by a number of industry standards and frameworks like NIST, HIPAA, PCI DSS, and more.To read this article in full, please click here | Data Breach Threat | ||
|
2022-07-29 19:34:45 | 911 Proxy Service Implodes After Disclosing Breach (lien direct) | 911[.]re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its business operations. The abrupt closure comes ten days after KrebsOnSecurity published an in-depth look at 911 and its connections to shady pay-per-install affiliate programs that secretly bundled 911's proxy software with other titles, including “free” utilities and pirated software. | Data Breach | ||
|
2022-07-29 16:44:16 | To settle with the DoJ, Uber must confess to a cover-up. And it did. (lien direct) | The 2016 Uber data breach affected the personal information of 57 million people. And then the company covered it all up. | Data Breach | Uber Uber | |
 |
2022-07-29 15:43:19 | Big Questions Remain Around Massive Shanghai Police Data Breach (lien direct) | Why was PII belonging to nearly 1 billion people housed in a single, open database? Why didn't anyone notice it was downloaded? | Data Breach | ||
 |
2022-07-29 12:02:50 | OneTouchPoint Discloses Data Breach Impacting Over 30 Healthcare Firms (lien direct) | Mailing and printing services vendor OneTouchPoint has disclosed a data breach impacting more than 30 healthcare providers and health insurance carriers. Headquartered in Hartland, Wisconsin, OneTouchPoint offers print, marketing execution and supply chain management services to organizations in the healthcare sector. | Data Breach | ||
 |
2022-07-28 16:00:00 | Checklist 289: Breaches, Edits, and Heat (lien direct) | >IBM reports on the cost of a data breach - and it impacts you even if you haven't been involved in one. Plus: The latest iOS 16 beta shows that Apple is listening. | Data Breach | ||
 |
2022-07-28 00:00:00 | 2022 semble être sur la cible de l'année la plus basse des violations signalées par les grandes sociétés américaines dans les six premiers mois de 2022, les grandes sociétés américaines [de revenus> 2 milliards] ont déclaré le moins de violations de données au cours des cinq dernières années. 2022 seems to be on target for the lowest year of reported breaches by large US corporationsIn the first six months of 2022, large [Revenue >2bn] US corporations reported the fewest data breaches in the past five years.Read More (lien direct) |
âThe number of data breaches reported in the first 6 months of 2022 has put this year on track to be the lowest year of reports in the last 5 years for large [Revenue >2bn] US corporations. By looking at the rate at which data breach events have been reported so far this year, we predict that the number of events reported is expected to be15-20% of the number of breaches reported in 2021âPossible causes:Increased reporting delays: But the time to report has shown a decreasing trend over the last 4 yearsGenuine improvement in cyber defenses preventing data exfiltration Reduction in reporting requirements, or public disclosure preventionIn this analysis we look at all the reported cyber events which involve data exfiltration (data breach), allocated to the year in which the event started. Comparing the number of events reported at each point during the year then gives us an indication for the rate which can be compared between years.The data and populationThe data collected represents public reports of data breaches from US companies with an annual revenue above $2bn (Excluding public services).The data used includes breach events reported up to end of Q2 2022It is this area where the cyber reporting requirements are highest, there is a high level of data available. It is important to note that this will not be all events which occur, only those disclosed, but by looking for changes in the behavior we can look at the potential causes.Overall Breach CountAs of the end of Q2 2022, we have seen 18 breach reports of events occurring in 2022 compared to the 160 cyber events reported from 2021, and 292 from 2020. While we are only 50% through 2022, the number of events reported so far from the first half is 25% of the 2021 total reported at the same point through 2021. To fully compare 2022 against prior years we need to take into account a number of factors:Events not yet reported: some events have occurred but have not yet been reported either because they have not yet been discovered, or because the have been discovered but not publicly disclosedEvents not yet occurred: events which have yet to occur, in the second half of 2022 (and have not yet been reported)âââHow the year unfoldsTo explore how 2022 is emerging, we can look at the rate at which events are being reported. That is to show not just the total report to date, but how the total number of events reported in a year has emerged from the start of the year. To do this we plot the cumulative number of events reported vs the number of days from the start of each incident year.What we see is an indication of how many incidents have been reported from each year have been reported after the same number of days. A steep curve indicates a greater number of incidents reported per month.** Note that the event counts are lower because we do not have exact disclosure dates for all events.ââFrom the chart we can see that the number of reported cyber incidents after 6 months (180 days) of experience is low for 2022 compared with all other years since 2015. This leads us to believe that 2022 is on track to have a very low number of overall incidents reported.There could be a few explanations for thisReporting Delay: The time taken to report incidents has increased in 2022, and there will be a correction in the later part of the yearCybersecurity Investment: The overall number of incidents reported will be lower due to improvements in security postureRegulatory Action: the overall number of incidents reported will be lower due to changes in how the events are reported (or required to be reported)âReporting DelayTo consider if the low reported number of events in 2022 is being driven by an increase in a delay between a cyber event starting and it being reported, we have looked at the trend over the last 10 yearsThe chart below shows the trend over the last 10 years.âââThere has been a steady reduction in median reporting delay from 204 days in 2017 to 63 days | Data Breach Prediction Cloud | ★★★ | |
 |
2022-07-27 20:12:10 | Uber\'s former head of security faces fraud charges after allegedly covering up data breach (lien direct) | The former Chief Security Officer of Uber is facing wire fraud charges over allegations that he covered up a data breach that saw hackers steal the records of 57 million passengers and drivers. Read more in my article on the Hot for Security blog. | Data Breach | Uber Uber | |
|
2022-07-27 17:21:51 | Average Data Breach Costs Soar to $4.4M in 2022 (lien direct) | Call it a 'cyber-tax': Those costs are usually passed on to consumers, not investors, as compromised businesses raise prices for goods and services. | Data Breach | ||
|
2022-07-27 14:10:49 | IBM Security: Cost of Data Breach Hitting All-Time Highs (lien direct) | A study commissioned by IBM Security says the global average cost of a data breach reached an all-time high of $4.35 million and warned that the absence of zero trust principles at studied organizations are pushing those costs even higher. | Data Breach | ||
|
2022-07-27 11:34:53 | Twitter Data Breach From Former Gartner Cybersecurity Analyst (lien direct) | Following the news that Twitter suffered a data breach that saw 5.4 million users' details leaked online please find a comment below from Cyber security experts. The comment covers how the attack opens the door to high-profile attacks on famous users, with the likely outcome of crypto scam efforts, and the further threats that can […] | Data Breach | ||
|
2022-07-27 10:32:19 | T-Mobile agrees to pay customers $350 million in settlement over data breach (lien direct) | >T-Mobile has proposed to settle its 2021 data breach by paying $350 million, along with an incremental spend of $150 million in security. | Data Breach | ||
 |
2022-07-27 10:00:00 | Fallout from massive Shanghai Police data breach reverberates on dark web (lien direct) | >A surge in Chinese activity on a popular data breach site followed the June 30 post offering information on 1 billion residents of China. | Data Breach | ||
|
2022-07-27 09:47:11 | Cost of Data Breach Reaches $4.35m on Average Globally (lien direct) | The average cost of a data breach globally has reached a new high of $4.35m. This figure has increased by 13% since 2020, according to IBM. The IBM Cost of a Data Breach Report was compiled from interviews with 550 organisations in 17 countries that were breached between March 2021 and March 2022. The firm’s […] | Data Breach | ||
 |
2022-07-27 09:00:00 | data breach (lien direct) | Pas de details / No more details | Data Breach | ||
|
2022-07-27 04:01:55 | Average cost of data breach surpasses $4 million for many organizations (lien direct) | >Beyond the immediate costs of a data breach, almost half of the total costs occur more than a year after the incident, says IBM Security. | Data Breach | ||
|
2022-07-27 04:01:00 | What\'s New in the 2022 Cost of a Data Breach Report (lien direct) | >The average cost of a data breach reached an all-time high of $4.35 million this year, according to newly published 2022 Cost of a Data Breach Report, an increase of 2.6% from a year ago and 12.7% since 2020. | Data Breach | ||
 |
2022-07-27 03:00:00 | Is any organisation risk and data breach free? (lien direct) | >I walked into a business the other day. After a long conversation about the client's need for cybersecurity and the implementation of the ISO27001 security standard, we talked about their risk appetite. “We don’t accept any risk. We’re risk-averse” said the CEO. But, is this achievable? Given the complexity of our modern world, with diversity […]… Read More | Data Breach | ||
|
2022-07-27 01:46:42 | Wawa Agrees to Payment, Security Changes for \'19 Data Breach (lien direct) | A Pennsylvania-based convenience store chain will pay $8 million to several states over a 2019 data breach that involved some 34 million payment cards, authorities announced Tuesday. | Data Breach | ||
|
2022-07-26 11:34:02 | Uber Admits Covering Up 2016 Data Breach That Exposed 57M Users\' Data (lien direct) | Uber has admitted to covering up a massive cybersecurity attack that took place in October 2016, exposing the confidential data of 57 million customers and drivers, as part of a settlement with the US Department of Justice in order to avoid prosecution. More on the story here: https://www.theverge.com/2022/7/25/23277161/uber-2016-data-breach-settlement-cover-up | Data Breach | Uber Uber | |
|
2022-07-26 10:29:13 | Data Stolen in Breach at Security Company Entrust (lien direct) | Entrust suffered a data breach last month and the security company has confirmed that the attackers have stolen some files. | Data Breach | ||
|
2022-07-25 16:31:13 | Lock down your Neopets account: Data breach being investigated (lien direct) | >We take a look at claims that virtual pet favourite, Neopets, has had its user database breached, and what you can do about it. | Data Breach | ||
 |
2022-07-25 16:20:53 | T-Mobile to cough up $500 million over 2021 data breach (lien direct) | Technically, it's not a fine, and the lawyers will get a big chunk of it. But it still adds up to a half-billion-dollar data breach. | Data Breach | ||
|
2022-07-25 13:20:58 | Uber Settles With Federal Investigators Over 2016 Data Breach Coverup (lien direct) | Uber has entered a non-prosecution agreement to resolve a criminal investigation into the manner in which the company handled a 2016 data breach that impacted 57 million users and drivers. | Data Breach | Uber | |
|
2022-07-25 09:49:03 | Neopets Confirm Data Breach (lien direct) | As reported last week, over 69 million users of the site Neopets, a popular virtual pet website, may have had their data compromised in the first known US mega breach of the year. The company took to Twitter to confirm the news. Neopets is owned by Viacom. The Tweet said: “Neopets recently became aware that […] | Data Breach |
To see everything:
Our RSS (filtrered)
