What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-07-30 09:49:04 | Boys Town Healthcare Data Breach Exposed Personal Details of Patients (lien direct) | Another day, Another data breach!
This time-sensitive and personal data of hundreds of thousands of people at Boys Town National Research Hospital have been exposed in what appears to be the largest ever reported breach by a pediatric care provider or children's hospital.
According to the U.S. Department of Health and Human Services Office for Civil Rights, the breach incident affected
|
Data Breach | ||
 |
2018-07-30 05:41:05 | Massive Singapore Healthcare Breach Possibly Involved Contractor (lien direct) | Researchers have come across two Pastebin posts that could shed more light on the data breach that resulted in the health records of 1.5 million Singaporeans getting stolen by hackers. | Data Breach | ||
 |
2018-07-27 13:00:00 | Things I Hearted this Week, 27th July 2018 (lien direct) |
Welcome to your weekly security roundup, providing you all with the security news you deserve, but maybe might not need.
As always, these news stories are human-curated by me - no fancy algorithms, no machine learning, and definitely no trending topics here.
We are less than two weeks away from Blackhat in sunny Las Vegas. We’ll be there - pop along to booth 528 and say hello if you’re there.
Google: Security Keys Neutralized Employee Phishing
Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes.
Google: Security Keys Neutralized Employee Phishing | Krebs on Security
While we’re on the topic of phishing, attackers used phishing emails to break into a Virginia bank twice in eight months, making off with more than $2.4 million in total. Now the bank is suing its cybersecurity insurance provider for refusing to fully cover the loss.
Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M | Krebs on Security
We’re probably going to see more of this kind of back and forth as companies that have taken out cyber insurance and suffered a breach fight with their insurers over liability and who will cover the cost.
Somewhat related:
Scam of the week, another new CEO fraud phishing wrinkle | KnowBe4
Breaking the Chain
Supply chain and third party risks are getting better understood, but understanding a risk doesn’t necessarily mean it will reduce the risk.
Tesla, VW, and dozens of other car manufacturers had their sensitive information exposed due to a weak security link in their supply chains.
Tesla, VW data was left exposed by supply chain vendor Level One Robotics | SC Magazine
SIM Swap - A Victim’s Perspective
This is a really good write-up by AntiSocial engineer taking a look at how SIM swap fraud can impact victims, and why mobile phone operators need to do more to prevent this kind of fraud.
“It’s an all too common story, the signal bars disappear from your mobile phone, you ring the phone number – it rings, but it’s not your phone ringing. Chaos ensues. You’re now getting password reset emails from Facebook and Google. You try to login to your bank but your password fails. Soon enough the emails stop coming as attackers reset your account passwords. You have just become the newest victim of SIM Swap Fraud and your phone number is now at the control of an unknown person.”
SIM Swap Fraud - a victim’s perspective | AntiSocial Engineer
EU Fails to Regulate IoT Security
In this week’s head-scratching moment of “what were they thinking?”, the European Commission has rejected consumer groups' calls for mandatory security for consumer internet-connected devices because they believe voluntar |
Data Breach Hack | Tesla | |
 |
2018-07-27 11:35:05 | Incident Response Under GDPR: What to Do Before, During and After a Data Breach (lien direct) | >With GDPR in full swing, organizations need to prepare their incident response plans to move swiftly in the event of a breach and meet the mandated 72-hour incident disclosure window. | Data Breach | ||
 |
2018-07-27 09:56:03 | Mauvaise gestion des mots de passe et montée en puissance de l\'authentification multifacteurs (lien direct) | La sécurité des mots de passe est l'un des problèmes les plus importants auxquels la sécurité informatique est confrontée aujourd'hui. Selon le Verizon Data Breach Report 2017, 81 % des atteintes à la protection des données sont causées par des mots de passe faibles ou volés. Pour surmonter ces défis, de nombreuses organisations se tournent vers la technologie d'authentification multifacteurs (MFA) afin de fournir une approche multicouches et de réduire le rôle que jouent les mots de passe lors de la (...) - Investigations | Data Breach | ||
 |
2018-07-26 11:59:05 | Under GDPR, Data Breach Reports in UK Have Quadrupled (lien direct) | Privacy Regulator Sees 1,750 Breach Reports in June, Up From 400 in April View Full Story ORIGINAL SOURCE: Bank Infosecurity | Data Breach | ||
|
2018-07-25 11:44:03 | The Foundation of Cyber-Attacks: Credential Harvesting (lien direct) | Recent reports of a newly detected Smoke Loader infection campaign and the re-emergence of Magecart-based cyber-attacks illustrate a common tactic used by cyber criminals and state-sponsored attackers alike ― credential harvesting. According to the Verizon 2017 Data Breach Investigation Report, 81% of hacking-related breaches leverage either stolen, default, or weak credentials. | Data Breach | ||
|
2018-07-24 14:50:02 | (Déjà vu) Data breach exposes trade secrets of carmakers VW, Toyota and GM (lien direct) | Ten years’ worth of data belonging to some of the world’s biggest carmakers including Volkswagen, Fiat Chrysler and Toyota has been accidentally made available online, it has emerged. View Full Story ORIGINAL SOURCE: Telegraph | Data Breach | ||
|
2018-07-23 15:29:03 | Singapore experiences its worst data breach (lien direct) | A Singapore healthcare database was hacked in what is the country’s worst cyber attack, with medical records of Prime Minister Lee Hsien Loong among those stolen. View full story ORIGINAL SOURCE: CNBC | Data Breach | ||
 |
2018-07-23 10:30:02 | Singapore Data Breach (lien direct) | News broke earlier today that a major cyberattack on Singapore's government health database stole the personal information of about 1.5 million people, including Prime Minister Lee Hsien Loong. In response to this news, IT security experts commented below. Ramon Vicens, CTO at Blueliv: “It may be some time before we know exactly how the hackers got into the Singaporean government … The ISBuzz Post: This Post Singapore Data Breach | Data Breach | ||
|
2018-07-20 23:25:03 | Half Of US Retailers Have Seen A Data Breach This Year (lien direct) | Following research from Thales eSecurity that has revealed that 50 per cent of US retailers have experienced a breach in 2018, up from 19 per cent last year, Ross Rustici, Senior Director of Intelligence Services at Cybereason, explains why this increase has occurred. Ross Rustici, Senior Director of Intelligence Services at Cybereason: “This jump is most likely a … The ISBuzz Post: This Post Half Of US Retailers Have Seen A Data Breach This Year | Data Breach | ★★ | |
 |
2018-07-20 18:34:02 | (Déjà vu) SingHealth, largest healthcare group in Singapore, suffered a massive data breach (lien direct) | SingHealth, the largest healthcare group in Singapore, suffered a massive data breach that exposed 1.5 Million patient records. The largest healthcare group in Singapore, SingHealth, has suffered a massive data breach that exposed personal information of 1.5 million patients who visited the clinics of the company between May 2015 and July 2018. Stolen records include […] | Data Breach | ★★★★ | |
 |
2018-07-20 13:59:00 | Singapore Health Services Data Breach Exposes Info on 1.5 Million People (lien direct) | Attackers, repeatedly and specifically, targeted Singapore Prime Minister Lee Hsien Loong's medication data. | Data Breach | ||
|
2018-07-20 13:30:01 | Human Resources Company ComplyRight Suffers Data Breach (lien direct) | It has been reported that cloud-based human resources company ComplyRight said this week that a security breach of its Web site may have jeopardised sensitive consumer information - including names, addresses, phone numbers, email addresses and Social Security numbers - from tax forms submitted by the company's thousands of clients on behalf of employees. Florida-based ComplyRight began mailing breach notification letters … The ISBuzz Post: This Post Human Resources Company ComplyRight Suffers Data Breach | Data Breach | ★★★★★ | |
|
2018-07-20 13:10:00 | HR Services Firm ComplyRight Suffers Major Data Breach (lien direct) | More than 7,500 customer companies were affected, and the number of individuals whose information was leaked is unknown. | Data Breach | ||
 |
2018-07-20 10:45:01 | Data of 1.5 Million People Breached in Singapore\'s \'Worst\' Digital Attack (lien direct) | A data breach that’s being described as Singapore’s “worst” digital attack on record exposed the personal information of an estimated 1.5 million people. On 20 July, multiple ministries Singapore’s government held a press conference on what they believe was a state-sponsored attack. They didn’t reveal whom they felt was responsible for targeting SingHealth, the island […]… Read More | Data Breach | ||
|
2018-07-20 05:28:00 | Singapore\'s Largest Healthcare Group Hacked, 1.5 Million Patient Records Stolen (lien direct) | Singapore's largest healthcare group, SingHealth, has suffered a massive data breach that allowed hackers to snatch personal information on 1.5 million patients who visited SingHealth clinics between May 2015 and July 2018.
SingHealth is the largest healthcare group in Singapore with 2 tertiary hospitals, 5 national specialty , and eight polyclinics.
According to an advisory released by
|
Data Breach | ||
|
2018-07-20 05:06:04 | HR Services Firm ComplyRight Suffers Data Breach (lien direct) | Florida-based HR services provider ComplyRight revealed recently that its tax reporting platform was involved in a cybersecurity incident that resulted in the exposure of personal information. | Data Breach | ||
 |
2018-07-18 13:01:00 | Abuse inquiry fined £200,000 for email data breach (lien direct) | A mass email using the "to" field instead of the "bcc" field identified possible abuse victims. | Data Breach | ||
 |
2018-07-17 08:33:00 | IDG Contributor Network: 8 steps to secure unmanaged devices in the enterprise (lien direct) | For many years now, enterprise networks have seen a steady stream of new devices that are outside of IT department control. The mobility trend has given way to the rise of the IoT and the result is a lot of unmanageable endpoints that represent a clear security risk. Smart lighting, printers, Bluetooth keyboards, smart TVs, video cameras, switches and routers are all connected devices that often lack any built-in security.This security blind spot is ripe for exploitation by cybercriminals probing your network for weaknesses. Despite 97 percent of risk professionals admitting that a data breach or cyber-attack caused by unsecure IoT devices could be catastrophic for their organization, according to a survey by the Ponemon Institute and Shared Assessments, just 15 percent have an inventory of most of their IoT and only 46 percent have a policy in place to disable devices that pose a risk. | Data Breach | ||
|
2018-07-12 23:27:00 | The Most Common Hack Is Also the Most Successful. Here\'s How to Fight It. (lien direct) | Despite what movies might show, most hacks don't involve frantic typing or brute-force attacks. In fact, Verizon’s “2017 Data Breach Investigations” report revealed that 90 percent of successful hacks aren't hacks at all: They’re social engineering. Simply put, social engineering is about manipulating people rather than computers. Modern hackers have discovered that it is easier … The ISBuzz Post: This Post The Most Common Hack Is Also the Most Successful. Here’s How to Fight It. | Data Breach Hack | ||
|
2018-07-12 18:07:04 | Timehop provides additional details on the recent security breach (lien direct) | Timehop has recently announced to have suffered a data breach that affected 21 million user accounts. The company now shares additional details about the incident. Timehop service aims to help people in finding new ways to connect with each other by analyzing past activities, earlier this month, the company revealed that one or more malicious hackers […] | Data Breach | ||
 |
2018-07-12 15:06:04 | Timehop data breach is worse than they initially said (lien direct) |  'Time capsule' app Timehop has revealed that it made a boo-boo when it initially shared details over the weekend of a data breach involving millions of users' names, email addresses, and phone numbers.
|
Data Breach | ||
|
2018-07-12 14:46:03 | Average cost of a data breach exceeds $3.8 million, claims report (lien direct) |  Data breaches are getting more expensive.
That's one of the findings of a new global study by the Ponemon Institute that examines the financial impact of a corporate data breach.
Read more in my article on the Tripwire State of Security blog.
|
Data Breach | ||
|
2018-07-12 12:47:03 | Timehop Shares More Details on Data Breach (lien direct) | Timehop has shared additional details about the recent data breach that impacted roughly 21 million user accounts, including what the attackers did once they gained access to the company's systems and what other type of information was compromised. | Data Breach | ||
 |
2018-07-12 12:30:00 | IBM: A data breach will now cost your organization $3.86 million, if you\'re lucky (lien direct) | There are hidden costs over time which make the bill far larger than you may expect. | Data Breach | ||
 |
2018-07-11 14:26:05 | A data breach may be more expensive than you think, thanks to these hidden costs (lien direct) | According to an IBM report, a data breach can cost $3.86 million. Here are the main factors. | Data Breach | ||
|
2018-07-11 14:10:00 | This Is How Much a \'Mega Breach\' Really Costs (lien direct) | The average cost of a data breach is $3.86 million, but breaches affecting more than 1 million records are far more expensive. | Data Breach | ||
|
2018-07-11 14:04:00 | 73% of orgs have only 1 person updating their systems, increasing ransomware risk (lien direct) | Nearly half of companies have experienced a cyberattack or data breach in the past year, according to a Sungard AS survey. | Ransomware Data Breach | ||
|
2018-07-11 12:00:05 | Calculating the Cost of a Data Breach in 2018, the Age of AI and the IoT (lien direct) | >The 2018 Cost of a Data Breach Study from Ponemon Institute reveals that the total cost, per-capita cost and average size of a data breach have all increased year over year. | Data Breach | ||
|
2018-07-10 22:09:00 | Macy\'s, Bloomingdales Alert Online Customers of Data Breach (lien direct) | Macy's is notifying customers of a data breach involving unauthorized access to their payment card data and personal information. In a notice sent to affected customers, Macy's said it first detected suspicious login activity from certain Macys.com accounts on June 11, 2018. “Based on our investigation, we believe that an unauthorized third-party – from approximately […]… Read More | Data Breach | ||
|
2018-07-10 11:01:01 | Proposed Changes to New Zealand\'s Privacy Act (lien direct) | A new bill to repeal and replace the 1993 Privacy Act of New Zealand is awaiting approval. If the changes are accepted, the bill would mandate that public and private sector agencies notify affected individuals and the Privacy Commissioner when they experience a data breach that poses a risk of harm. View full story ORIGINAL SOURCE: Infosecurity ... | Data Breach | ||
|
2018-07-10 03:00:00 | Duty of care: Why (and how) law firms should up their security game (lien direct) | June 17, 1972, changed the legal profession forever.The Watergate break-in, and subsequent coverup, implicated more than a dozen lawyers working for the White House or the Committee for the Re-election of the President (CREEP). The scandal led to calls to regulate the legal profession, and today ethics is a mandatory part of law school training and bar association rules of conduct. [ How much does a data breach cost? Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ] | Data Breach | ||
|
2018-07-09 17:00:00 | Insurers Sue Trustwave for $30M Over \'08 Heartland Data Breach (lien direct) | Lawsuit filed by Lexington Insurance and Beazley Insurance is in response to a Trustwave legal filing that called their claims meritless. | Data Breach | ||
|
2018-07-09 11:17:00 | Timehop Data Breach Hits 21 Million Users (lien direct) | Timehop informed users late last week that hackers gained unauthorized access to some of its systems as part of an attack that impacts roughly 21 million accounts. | Data Breach | ||
|
2018-07-09 11:06:03 | Timehop Confirms Data Breach Affected 21 Million Users (lien direct) | Timehop confirmed that a data breach affected certain pieces of personal information belonging to 21 million of its users. According to a statement posted on its website, the service that distributes social media memories to its members detected a network intrusion in the afternoon of 4 July. Timehop learned that those responsible for the incident […]… Read More | Data Breach | ||
|
2018-07-09 05:38:00 | DomainFactory Hacked-Hosting Provider Asks All Users to Change Passwords (lien direct) | Besides Timehop, another data breach was discovered last week that affects users of one of the largest web hosting companies in Germany, DomainFactory, owned by GoDaddy.
The breach initially happened back in last January this year and just emerged last Tuesday when an unknown attacker himself posted a breach note on the DomainFactory support forum.
It turns out that the attacker breached
|
Data Breach | ||
|
2018-07-09 03:20:01 | Timehop Hacked - Hackers Stole Personal Data Of All 21 Million Users (lien direct) | And the hacks just keep on coming.
Timehop social media app has been hit by a major data breach on July 4th that compromised the personal data of its more than 21 million users.
Timehop is a simple social media app that collects your old photos and posts from your iPhone, Facebook, Instagram, Twitter and Foursquare and acts as a digital time machine to help you find-what you were doing on
|
Data Breach | ||
|
2018-07-06 11:11:00 | Wisconsin County Reveals Phishing Attack Most Likely to Blame for Data Breach (lien direct) | A county in Wisconsin revealed that a phishing attack was most likely to blame for a data breach of some service recipients’ personal information. On 22 June, Manitowoc County posted a statement about the incident to its website. County officials wrote that they first learned of the attack on 24 April. Upon discovery of the […]… Read More | Data Breach | ||
|
2018-07-06 10:00:03 | 72 Hours: How a Data Breach Response Plan Can Help You Meet the GDPR Notification Deadline (lien direct) | >Without a data breach response plan, companies will find it difficult to disclose security incidents within 72 hours as required by the General Data Protection Regulation (GDPR). | Data Breach | ||
|
2018-07-05 13:55:01 | Harvey Norman apologises to customers for data breach (lien direct) | Home and lifestyle retailer Harvey Norman has apologised to customers after suffering a data breach through the systems of a third-party website service provider. Harvey Norman operates 13 outlets in the Republic and two stores in Northern Ireland. Its 13th store in the Republic was opened last year after it acquired a 60,000sq ft facility in Tallaght's ... | Data Breach | ★★ | |
|
2018-07-05 11:08:05 | Irish Retailer Reveals It Was Affected by International Data Breach (lien direct) | An Irish retailer revealed that an international data breach might have exposed some of its customers’ personal information. On 4 July, Harvey Norman Ireland sent out a letter to customers informing them of the incident. Its correspondence didn’t disclose the number of customers potentially affected by the breach. But it did identify the types of […]… Read More | Data Breach | ||
|
2018-07-05 03:28:00 | Facebook Responding to US Regulators in Data Breach Probe (lien direct) | Facebook acknowledged Tuesday it was facing multiple inquiries from US and British regulators about the major Cambridge Analytica user data scandal. | Data Breach | ||
|
2018-07-04 19:38:03 | NHS Data Breach – Why Software Need Health Check-Ups (lien direct) | The NHS has revealed a coding error affecting 150,000 patients, sharing information they had chosen to keep private. Are your GDPR alarm bells ringing? CAST is a pioneer in Software Intelligence and a Euronext listed company. It has previously educated businesses on the importance of software architecture scans. Like MRIs, these show the internal workings of a company's … The ISBuzz Post: This Post NHS Data Breach – Why Software Need Health Check-Ups | Data Breach | ★★★★ | |
|
2018-07-04 14:18:02 | A cybersecurity fund has returned more than 30 percent since the Equifax data breach (lien direct) | As the rest of the stock market has struggled on heightened trade rhetoric and many big technology companies have faced regulatory scrutiny over data privacy issues, one subsector of that industry has been on fire: cybersecurity. Companies in the fund include Palo Alto Networks, Fortinet, FireEye, Juniper Networks, CyberArk Software, Symantec and Cisco. Gartner recently ... | Data Breach | Equifax | ★★ |
|
2018-07-02 18:55:00 | No data breach at Patreon, but proactive notice caused some concern (lien direct) | Patreon, the membership platform that helps creators get paid for their work, sent users a letter on Monday warning them about a data breach at Typeform.Patreon uses Typeform for user surveys, and on June 27, Typeform announced a data breach that impacts thousands of people. Being proactive, Patreon wanted to alert their users, but the wording of the letter led to some confusion.The Patreon letter recaps the Typeform data breach, and then informs the recipient that "as a result, we are reaching out to you as the data that was potentially impacted includes your [name and email address]." | Data Breach | ||
|
2018-07-02 16:23:00 | NHS data breach affects 150,000 patients in England (lien direct) | A coding error is blamed for information being used for purposes other than individuals' care. | Data Breach | ||
|
2018-07-02 12:45:00 | Homeland Security subpoenas Twitter for data breach finder\'s account (lien direct) | The subpoena demanded Twitter turn over information that would identify the data breach finder. | Data Breach | ||
|
2018-07-02 11:56:01 | Typeform data breach exposes users of many websites (lien direct) |  You may have never heard of Typeform, but they may have just lost some of your personal data.
|
Data Breach | ||
|
2018-06-30 13:58:01 | The popular online survey software Typeform suffered a security breach (lien direct) | Typeform, the popular online survey platform, has suffered a data breach that exposed partial data of some users, no payment card data was stolen. Typeform, the popular online survey platform, is the last victim of a data breach. Typeform software is widely adopted by businesses worldwide to easily arrange surveys, it allows easy creation of […] | Data Breach |
To see everything:
Our RSS (filtrered)
