What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-08-14 10:30:00 | Natwest offre une compensation aux clients touchés par la violation de données exposés par dénonciateur NatWest offers compensation to customer affected by data breach exposed by whistleblower (lien direct) |
Data Breach | ★★ | ||
 |
2023-08-14 08:42:09 | Le Colorado prévient 4 millions de données volées dans IBM Moveit Breach Colorado warns 4 million of data stolen in IBM MOVEit breach (lien direct) |
Le Colorado Department of Health Care Policy & Financing (HCPF) alerte plus de quatre millions de personnes d'une violation de données qui ont eu un impact sur leurs informations personnelles et santé.[...]
The Colorado Department of Health Care Policy & Financing (HCPF) is alerting more than four million individuals of a data breach that impacted their personal and health information. [...] |
Data Breach | ★★ | |
 |
2023-08-11 12:41:03 | Histoire majeure & # 8211;La violation de données expose les données de police sensibles en Irlande du Nord Major Story – Data Breach Exposes Sensitive Police Data In Northern Ireland (lien direct) |
Dans un coup important pour la sécurité des données, le service de police d'Irlande du Nord (PSNI) a été victime d'une violation de données majeure cette semaine, ce qui a entraîné l'exposition d'informations sensibles aux officiers et aux citoyens, ce qui soulève des préoccupations concernant les implications potentiellespour la sécurité nationale et la vie privée.La brèche a compromis les données très sensibles, y compris [& # 8230;]
In a significant blow to data security, the Police Service of Northern Ireland (PSNI) has fallen victim to a major data breach this week, resulting in the exposure of sensitive information to both officers and citizens, raising concerns about the potential implications for national security and personal privacy. The breach compromised highly sensitive data including […] |
Data Breach | ★★ | |
 |
2023-08-11 11:24:56 | Le haut policier de l'Irlande du Nord \\ s'excuse pour la violation des données \\ 'industrielle \\' Northern Ireland\\'s Top Police Officer Apologizes for \\'Industrial Scale\\' Data Breach (lien direct) |
Le premier policier de l'Irlande du Nord \\ s'est excusé pour ce qu'il a décrit comme une violation de données «à l'échelle industrielle» dans laquelle les informations personnelles de plus de 10 000 officiers et du personnel ont été libérées au public.
Northern Ireland\'s top police officer apologized for what he described as an “industrial scale” data breach in which the personal information of more than 10,000 officers and staff was released to the public. |
Data Breach | ★★ | |
 |
2023-08-10 09:50:00 | Un nouveau coup à la sécurité PSNI comme une deuxième violation de données divulguée Fresh Blow to PSNI Security as Second Data Breach Disclosed (lien direct) |
Ce dernier incident a impliqué le vol d'une feuille de calcul contenant les noms de plus de 200 des agents de police et du personnel
This latest incident involved the theft of a spreadsheet containing the names of over 200 serving police officers and staff |
Data Breach | ★★ | |
 |
2023-08-09 18:55:00 | La sécurité des officiers et des civils du PSNI est compromis dans une violation de données majeure Safety of Officers & Civilians of PSNI Compromised in Major Data Breach (lien direct) |
Une erreur de neige dans un problème politique grave car la sécurité des policiers en Irlande du Nord est compromise dans une fuite de données accidentelles.
A mistake snowballs into a serious political issue as the safety of police officers in Northern Ireland is compromised in an accidental data leak. |
Data Breach | ★★ | |
|
2023-08-09 15:50:57 | Le Missouri prévient que les informations sur la santé ont été volées dans la violation de données IBM Moveit Missouri warns that health info was stolen in IBM MOVEit data breach (lien direct) |
Le Département des services sociaux du Missouri avertit que les informations protégées par Medicaid Healthcare ont été exposées dans une violation de données après que IBM a subi une attaque de vol de données Moveit.[...]
Missouri\'s Department of Social Services warns that protected Medicaid healthcare information was exposed in a data breach after IBM suffered a MOVEit data theft attack. [...] |
Data Breach | ★★ | |
 |
2023-08-09 12:29:13 | Violation de données majeure au Royaume-Uni: les systèmes de commission électorale compromis affectant plus de 40 millions d'électeurs Major Data Breach In The UK: Electoral Commission Systems Compromised Affecting Over 40 Million Voters (lien direct) |
Dans une récente révélation choquante, le Royaume-Uni a été témoin de sa violation de données la plus substantielle à ce jour.La ** Commission électorale **, un organisme indépendant créé par le Parlement britannique, a confirmé que & # 8220; acteurs hostiles & # 8221;a pénétré ses barrières numériques protectrices, permettant un accès non autorisé à ses systèmes pendant 14 mois stupéfiants.Cette violation approfondie signifie potentiellement que le [& # 8230;]
In a recent shocking revelation, the UK has witnessed its most substantial data breach to date. The **Electoral Commission**, an independent body set up by the UK Parliament, confirmed that “hostile actors” penetrated its protective digital barriers, allowing unauthorized access to its systems for a staggering 14 months. This extensive breach potentially means that the […] |
Data Breach | ★★ | |
 |
2023-08-08 22:20:47 | PSNI: Une violation des données majeure identifie des milliers d'officiers et de personnel civil PSNI: Major data breach identifies thousands of officers and civilian staff (lien direct) |
Un officier de haut niveau s'excuse pour la violation affectant la police et les employés d'Irlande du Nord.
A top officer apologises for the breach affecting police and employees in Northern Ireland. |
Data Breach | ★★★ | |
|
2023-08-08 16:30:00 | L'hôpital général de Tampa a poursuivi sa violation de données Tampa General Hospital Sued Over Data Breach (lien direct) |
Les demandeurs affirment que l'hôpital n'a pas sécurisé des données et a aggravé la situation en retardant la notification
Plaintiffs claim hospital didn\'t secure data and worsened the situation by delaying notification |
Data Breach | ★★ | |
|
2023-08-08 10:06:08 | La violation des données de la Commission électorale britannique expose 8 ans de données sur les électeurs UK Electoral Commission data breach exposes 8 years of voter data (lien direct) |
La Commission électorale britannique a révélé une violation massive de données exposant les informations personnelles de toute personne inscrite pour voter au Royaume-Uni entre 2014 et 2022. [...]
The UK Electoral Commission disclosed a massive data breach exposing the personal information of anyone who registered to vote in the United Kingdom between 2014 and 2022. [...] |
Data Breach | ★★ | |
|
2023-08-07 14:45:00 | Colorado Dept. of Higher Education a frappé avec une violation de données massive Colorado Dept. of Higher Education Hit With Massive Data Breach (lien direct) |
La semaine dernière, le département a découvert une violation de données survenue en juin résultant de ce qu'elle juge un incident de ransomware de cybersécurité.
Last week, the department uncovered a data breach that occurred back in June stemming from what it deems to be a cybersecurity ransomware incident. |
Ransomware Data Breach | ★★ | |
|
2023-08-07 09:43:27 | (Déjà vu) Le département de l'enseignement supérieur du Colorado révèle l'attaque des ransomwares, la violation de données Colorado Department of Higher Education Discloses Ransomware Attack, Data Breach (lien direct) |
> Département du Colorado de l'enseignement supérieur ciblé dans une attaque de ransomware qui a entraîné une violation de données sur de nombreux élèves et enseignants.
>Colorado Department of Higher Education targeted in a ransomware attack that resulted in a data breach impacting many students and teachers. |
Ransomware Data Breach | ★ | |
|
2023-08-05 12:16:27 | Le département de l'enseignement supérieur du Colorado met en garde contre une violation de données massive Colorado Department of Higher Education warns of massive data breach (lien direct) |
Le Département de l'enseignement supérieur du Colorado (CDHE) révèle une violation massive de données ayant un impact sur les étudiants, les anciens élèves et les enseignants après avoir subi une attaque de ransomware en juin.[...]
The Colorado Department of Higher Education (CDHE) discloses a massive data breach impacting students, past students, and teachers after suffering a ransomware attack in June. [...] |
Ransomware Data Breach | ★ | |
|
2023-08-03 12:39:18 | L'entrepreneur du gouvernement américain Serco divulgue la violation des données après les attaques Moveit US govt contractor Serco discloses data breach after MoveIT attacks (lien direct) |
Serco Inc, la division des Amériques de la société d'externalisation multinationale Serco Group, a divulgué une violation de données après que les attaquants ont volé les informations personnelles de plus de 10 000 personnes d'un serveur de transfert de fichiers géré par le fournisseur de tiers \\.[...]
Serco Inc, the Americas division of multinational outsourcing company Serco Group, has disclosed a data breach after attackers stole the personal information of over 10,000 individuals from a third-party vendor\'s MoveIT managed file transfer (MFT) server. [...] |
Data Breach | ★★ | |
 |
2023-08-03 12:17:16 | Watchdog de la vie privée claque le partage des données des patients via WhatsApp Privacy Watchdog Slams Sharing of Patient Data Via WhatsApp (lien direct) |
> Notre PDG, Brian Honan, parle de la violation de données aujourd'hui au Group de médias de sécurité de l'information (ISMG) de l'utilisation des IT de l'ombre dans les organisations.Lire la suite>
>Our CEO Brian Honan speaks to Data Breach Today at Information Security Media Group (ISMG) about the use of shadow IT in organisations. Read More > |
Data Breach | ★★ | |
|
2023-08-02 20:29:00 | Valic Retirement Services Company éprouve des violations de données PBI exposant environ 798 000 numéros de sécurité sociale VALIC Retirement Services Company Experiences PBI Data Breach Exposing Approximately 798,000 Social Security Numbers (lien direct) |
> Notre PDG, Brian Honan, parle de la violation de données aujourd'hui au Group de médias de sécurité de l'information (ISMG) de l'utilisation des IT de l'ombre dans les organisations.Lire la suite>
>Our CEO Brian Honan speaks to Data Breach Today at Information Security Media Group (ISMG) about the use of shadow IT in organisations. Read More > |
Data Breach | ★★ | |
 |
2023-08-02 03:22:12 | Une introduction à l'intelligence cyber-menace: concepts et principes clés An Introduction to Cyber Threat Intelligence: Key Concepts and Principles (lien direct) |
Cyber Threat Intelligence (CTI), ou Intelligence des menaces, est une connaissance fondée sur des preuves établie à partir des cyber-menaces actuelles, recueillies à partir de myriades de sources pour identifier les attaques existantes ou potentielles.Le renseignement des menaces aide à identifier les motivations, les cibles et les comportements d'attaque d'un acteur de menace et la mise en œuvre de fortes défenses contre les attaques futures.Selon le coût d'IBM \\ d'un rapport de violation de données 2022, la violation moyenne de données coûte 4,35 millions de dollars à ses victimes.En utilisant l'intelligence des menaces, ces pertes peuvent être atténuées et de telles attaques peuvent être évitées.Organisations de bienfaisance des bienfaisages ...
Cyber Threat Intelligence (CTI), or threat intelligence, is evidence-based knowledge established from current cyber threats, gathered from myriad sources to identify existing or potential attacks. Threat intelligence assists in identifying the motives, targets, and attack behaviors of a threat actor and implementing strong defenses from future attacks. According to IBM\'s Cost of a Data Breach 2022 report, the average data breach costs its victims $4.35 million. Using threat intelligence, these losses can be mitigated, and such attacks can be avoided. Threat intelligence benefits organizations... |
Data Breach Threat | ★★ | |
|
2023-08-01 03:02:52 | Conscience de la sécurité des médias sociaux: ce que vous devez savoir Social Media Security Awareness: What you Should Know (lien direct) |
Le dernier rapport d'enquête sur les violations de données de Verizon indique que plus de 70% des violations de données impliquaient l'élément humain.Les cybercriminels exploitent les gens pour les inciter à cliquer sur des liens dangereux, à ouvrir des pièces jointes malveillantes, à entrer leurs références dans des pages de connexion de faux, à partager des données sensibles et à autoriser des transferts de fonds frauduleux.Un domaine où de nombreux exploits ont lieu sur les plateformes de médias sociaux.Il est essentiel de faire preuve de prudence tout en utilisant des plateformes de médias sociaux en observant les meilleures pratiques de sécurité telles que l'utilisation de mots de passe forts, l'activation de l'authentification à deux facteurs et le fait d'être ...
The latest Verizon Data Breach Investigations report indicates that over 70% of data breaches involved the human element. Cybercriminals exploit people to trick them into clicking unsafe links, opening malicious attachments, entering their credentials into bogus login pages, sharing sensitive data, and authorizing fraudulent fund transfers. One area where many exploits take place is on social media platforms. It is essential to exercise caution while using social media platforms by observing security best practices such as using strong passwords, enabling two-factor authentication, and being... |
Data Breach | ★★★ | |
 |
2023-07-31 04:00:00 | L'IA réduit les cycles de vie et les coûts de violation de données AI reduces data breach lifecycles and costs (lien direct) |
> Les outils de cybersécurité que vous mettez en œuvre peuvent faire une différence dans l'avenir financier de votre entreprise.Selon le coût IBM 2023 d'un rapport de violation de données, les organisations utilisant l'IA de sécurité et l'automatisation ont engagé moins de coûts de violation de données par rapport aux entreprises n'utilisant pas les outils de cybersécurité basés sur l'IA.Le rapport a révélé que plus une organisation utilise [& # 8230;]
>The cybersecurity tools you implement can make a difference in the financial future of your business. According to the 2023 IBM Cost of a Data Breach report, organizations using security AI and automation incurred fewer data breach costs compared to businesses not using AI-based cybersecurity tools. The report found that the more an organization uses […] |
Data Breach Tool | ★★ | |
 |
2023-07-28 20:08:00 | La décision de la Cour irlandaise sur les pratiques publicitaires de Google pourrait avoir un impact mondial Irish court ruling over Google ad practices could have global impact (lien direct) |
Un groupe irlandais des libertés civiles s'est rendue devant les tribunaux à la fin de cette semaine pour accuser la Irish Data Protection Commission (DPC) - la National Independent Authority chargée de maintenir les droits à la confidentialité des données à travers l'Europe - de ne pas enquêter correctement sur le système de publicité en ligne de Google \\, qui, qui, quiIl est responsable de la plus grande violation de données jamais enregistrée.Parce que
An Irish civil liberties group went to court late this week to accuse the Irish Data Protection Commission (DPC) - the national independent authority responsible for upholding data privacy rights across Europe - of failing to properly investigate Google\'s online advertising system, which it says is responsible for the biggest data breach ever recorded. Because |
Data Breach | ★★ | |
|
2023-07-28 14:38:20 | Dans d'autres nouvelles: le coût de la violation des données augmente, la Russie cible les diplomates, les alertes du tracker dans Android In Other News: Data Breach Cost Rises, Russia Targets Diplomats, Tracker Alerts in Android (lien direct) |
> Roundup hebdomadaire des nouvelles de la cybersécurité qui fournit un résumé des histoires remarquables qui auraient pu glisser sous le radar pour la semaine du 24 juillet 2023.
>Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of July 24, 2023. |
Data Breach | ★★ | |
 |
2023-07-28 10:37:00 | Les agences de cybersécurité mettent en garde contre les bogues IDOR exploités pour les violations de données Cybersecurity Agencies Warn Against IDOR Bugs Exploited for Data Breaches (lien direct) |
Les agences de cybersécurité en Australie et aux États-Unis ont publié un avertissement conjoint de conseil en cybersécurité contre les défauts de sécurité dans les applications Web qui pourraient être exploités par des acteurs malveillants pour orchestrer les incidents de violation de données et voler des données confidentielles.
Cela inclut une classe spécifique de bogues appelés référence d'objet direct insécurité (IDOR), un type de défaut de contrôle d'accès qui se produit lorsqu'un
Cybersecurity agencies in Australia and the U.S. have published a joint cybersecurity advisory warning against security flaws in web applications that could be exploited by malicious actors to orchestrate data breach incidents and steal confidential data. This includes a specific class of bugs called Insecure Direct Object Reference (IDOR), a type of access control flaw that occurs when an |
Data Breach | ★★ | |
|
2023-07-27 17:36:56 | Base de données BreachForums et chats privés à vendre dans une violation de données de pirate BreachForums database and private chats for sale in hacker data breach (lien direct) |
Bien que les consommateurs soient généralement ceux qui s'inquiètent de l'exposition de leurs informations dans les violations de données, il est maintenant au tour de la notoriété de la base de données du forum de cybercriminalité contre la cybercriminalité.Ai-je été pwned.[...]
While consumers are usually the ones worried about their information being exposed in data breaches, it\'s now the hacker\'s turn, as the notorious Breached cybercrime forum\'s database is up for sale and member data shared with Have I Been Pwned. [...] |
Data Breach | ★★★ | |
|
2023-07-27 10:15:41 | 8 millions de personnes frappées par une violation de données à US GOVT Contractor Maximus 8 million people hit by data breach at US govt contractor Maximus (lien direct) |
L'entrepreneur des services du gouvernement américain Maximus a révélé un avertissement de violation de données que les pirates ont volé les données personnelles de 8 à 11 millions de personnes lors des récentes attaques de données de transfert de déplacement.[...]
U.S. government services contractor Maximus has disclosed a data breach warning that hackers stole the personal data of 8 to 11 million people during the recent MOVEit Transfer data-theft attacks. [...] |
Data Breach | ★★ | |
 |
2023-07-27 10:00:00 | Ce que vos pairs veulent savoir avant d'acheter un outil DLP What your peers want to know before buying a DLP tool (lien direct) |
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Preventing data loss is a concern for almost every organization, regardless of size, especially organizations with sensitive data. Organizations, now more than ever before, rely on voluminous amounts of data to conduct business. When data leakage or a breach occurs, the organization is forced to deal with the negative consequences, such as the high cost associated with data breach fines and remediation and reputational harm to their company and brand. Data loss prevention (DLP) solutions help mitigate the risk of data loss. Losses can occur as a result of insider-related incidents (e.g., employee theft of proprietary information), or due to physical damage to computers, or as a result of human error (e.g., unintentional file deletion or sharing sensitive data in an email). In addition to the various ways an organization might experience data loss, mitigating the risk of loss requires the right people, processes, and technology. Meeting the technology requirement can be a challenge when it comes to selecting the right DLP solution. During the vendor exploration and evaluation phases, there may be questions about whether it makes sense to invest in a solution that protects the network, endpoints, or the cloud or whether it’s better to select a solution that protects the enterprise and takes into account the hybrid nature of many organizations. Data classification and labeling The decision to invest in a DLP solution should be informed by sufficient research and planning with key stakeholders. This blog will discuss three additional things you should consider before making such an investment. Let’s begin with the types of data an organization collects, stores, and analyzes to conduct business. To have a successful data loss prevention program, it’s important to identify all types of data (e.g., financial data, health data, or personally identifiable information) and to classify the data according to its value and the risk to the organization if it is leaked or exfiltrated. Data classification is the process of categorizing data to easily retrieve and store it for business use. It also protects it from loss and theft and enables regulatory compliance activities. Today, systems are more dispersed, and organizations have hybrid and remote workforce models, so it is critical to protect data regardless of where it resides or with whom it is shared. This kind of protection requires properly classified and labeled data. Automated data classification is foundational to preventing data loss. It is the best way for organizations to fully understand what types of data they have, as well as the characteristics of the data and what privacy and security requirements are necessary to protect the data. Properly classifying data also enables the organization to set policies for each data type. Techniques to identify sensitive data DLP solutions detect instances of either intentional or unintentional exfiltration of data. DLP policies describe what happens when a user uses sensitive data in a way the policy does not allow. For example, when a user attempts to print a document containing sensitive data to a home printer, the DLP policy might display a message stating that printing the docu | Data Breach Tool Cloud | ★★★ | |
 |
2023-07-26 19:21:29 | Le nouveau rapport IBM révèle que le coût d'une violation de données dépasse désormais 4,45 millions de dollars New IBM report reveals the cost of a data breach now tops $4.45 million (lien direct) |
IBM Security a publié son coût annuel d'un rapport de violation de données, révélant que le coût moyen mondial d'une violation de données a atteint 4,45 millions de dollars en 2023. Cela marque une augmentation significative de 15% au cours des 3 dernières années, faisant deC'est le coût le plus enregistré dans l'histoire du rapport.Notamment, les coûts de détection et d'escalade ont connu une augmentation substantielle de 42% au cours de la même période, indiquant un passage à des enquêtes de violation plus complexes.
IBM Security has released its annual Cost of a Data Breach Report, revealing that the global average cost of a data breach reached $4.45 million in 2023. This marks a significant increase of 15% over the past 3 years, making it the highest recorded cost in the history of the report. Notably, detection and escalation costs have seen a substantial rise of 42% during the same period, indicating a shift towards more complex breach investigations. |
Data Breach | ★★ | |
 |
2023-07-26 14:00:30 | 4 éléments essentiels pour une pile de sécurité cloud complète 4 Essential Elements for a Comprehensive Cloud Security Stack (lien direct) |
> La transformation numérique pousse les entités commerciales pour déployer des produits plus rapidement que jamais, mais à quel prix?Les équipes informatiques ressentent une pression colossale pour équilibrer la vitesse avec la sécurité.Bien qu'ils adoptent le nuage comme moyen de rester agile et évolutif, cela signifie également qu'ils sont plus vulnérables aux attaques malveillantes.Rien qu'en 2022, le coût moyen d'une violation de données aux États-Unis seul était de 9,44 millions de dollars.Dans cet article, nous examinerons comment votre entreprise peut réduire les dépendances, améliorer la sécurité et déléguer les tâches aux fournisseurs tout en augmentant la vitesse de développement en même temps.Nous explorerons les dernières tendances de l'industrie [& # 8230;]
>Digital transformation is pushing business entities to deploy products faster than ever, but at what cost? IT teams feel colossal pressure to balance speed with security. While they are adopting the cloud as a way to remain agile and scalable, this also means they are more vulnerable to malicious attacks. In 2022 alone, the average cost of a data breach in the US alone was $9.44 million. In this article, we’ll examine how your company can reduce dependencies, improve security and delegate tasks to vendors while increasing development velocity at the same time. We will explore the latest industry trends […] |
Data Breach Cloud | ★★ | |
|
2023-07-25 19:37:00 | IBM: Le coût des violations de données atteint un niveau record de 4,5 millions de dollars en 2023 IBM: Cost of data breaches reaches all-time high of $4.5 million in 2023 (lien direct) |
Le coût d'une violation de données est devenu plus élevé que jamais, selon le dernier rapport annuel d'IBM qui a révélé que les organisations paient désormais 4,5 millions de dollars pour faire face aux violations & # 8211;Une augmentation de 15% au cours des trois dernières années.Dans un rapport publié par IBM Security cette semaine, des chercheurs du Ponemon Institute examinés
The cost of a data breach has become higher than ever, according to the latest annual report from IBM that found organizations are now paying $4.5 million to deal with breaches – a 15% increase over the last three years. In a report published by IBM Security this week, researchers at the Ponemon Institute examined |
Data Breach | ★ | |
|
2023-07-25 09:46:40 | Déchiffrer le coût IBM d'un rapport de violation de données: une perspective statistique pour les chefs d'entreprise Deciphering the IBM Cost of a Data Breach Report: A Statistical Perspective for Business Leaders (lien direct) |
Le coût IBM d'un rapport de violation de données 2023 sert de ressource critique pour comprendre les implications financières des violations de données.Cet article vise à mettre en lumière les principales conclusions du rapport, fournissant des informations précieuses aux chefs d'entreprise.Les résultats sont résumés dans le tableau ci-dessous: Résultats clés Statistiques Coût total moyen d'un [& # 8230;]
The IBM Cost of a Data Breach Report 2023 serves as a critical resource for understanding the financial implications of data breaches. This article aims to spotlight the key findings from the report, providing valuable insights for business leaders. The findings are summarized in the table below: Key Findings Statistics Average total cost of a […] |
Data Breach | ★★ | |
|
2023-07-25 08:30:00 | Les coûts de violation de données atteignent un record mais tombent pour certains Data Breach Costs Hit Record High but Fall For Some (lien direct) |
L'étude annuelle d'IBM \\ révèle que plus de la moitié des entreprises violées adoptent les coûts
IBM\'s annual study finds over half of breached firms pass costs on |
Data Breach Studies | ★★ | |
|
2023-07-24 20:25:00 | Orgs face à un enregistrement de 4,5 millions de dollars par incident de violation de données Orgs Face Record $4.5M Per Data Breach Incident (lien direct) |
CL0P devrait gagner 100 millions de dollars sur la campagne Moveit, et selon une enquête qui vient d'être publiée, plus de la moitié des entreprises sont prêtes à transmettre des coûts de violation de données sur les clients.
Cl0p stands to make $100M on the MOVEit campaign, and according to a just-released survey, more than half of businesses are willing to pass data breach costs onto customers. |
Data Breach | ★★ | |
|
2023-07-24 16:30:00 | La violation des données de l'hôpital général de Tampa a un impact de 1,2 million de patients Tampa General Hospital Data Breach Impacts 1.2 Million Patients (lien direct) |
TGH a déclaré qu'il avait d'abord détecté une activité inhabituelle sur ses systèmes informatiques le 31 mai 2023
TGH said it first detected unusual activity on its computer systems on May 31 2023 |
Data Breach | ★★ | |
 |
2023-07-24 04:01:49 | Rapport IBM: le coût moyen d'une violation de données atteint 4,45 millions de dollars IBM Report: Average Cost of a Data Breach Rises to $4.45 Million (lien direct) |
IBM Security a également fourni des conseils pour prévenir et atténuer les violations de données.
IBM Security also provided tips for how to prevent and mitigate data breaches. |
Data Breach | ★★★★ | |
|
2023-07-24 04:01:00 | Ce qui est nouveau dans le coût en 2023 d'un rapport de violation de données What\\'s new in the 2023 Cost of a Data Breach report (lien direct) |
> Les coûts de violation de données continuent de croître, selon de nouvelles recherches, atteignant une moyenne mondiale record de 4,45 millions de dollars, ce qui représente une augmentation de 15% sur trois ans.Les coûts dans l'industrie des soins de santé ont continué à atteindre les graphiques, en tant que l'industrie la plus chère pour la 13e année consécutive.Pourtant, à mesure que les coûts de violation continuent de grimper, le [& # 8230;]
>Data breach costs continue to grow, according to new research, reaching a record-high global average of $4.45 million, representing a 15% increase over three years. Costs in the healthcare industry continued to top the charts, as the most expensive industry for the 13th year in a row. Yet as breach costs continue to climb, the […] |
Data Breach | ★ | |
|
2023-07-21 18:56:00 | Le DHL enquête sur la violation de Moveit car le nombre de victimes dépasse 20 millions DHL investigating MOVEit breach as number of victims surpasses 20 million (lien direct) |
La branche du Royaume-Uni du géant de l'expédition DHL a déclaré qu'elle enquêtait sur une violation de données réapprochée de son utilisation du logiciel Moveit, qui a été exploitée par un groupe de ransomwares basé en Russie depuis près de deux mois.Dans une déclaration à la future nouvelle enregistrée, DHL a confirmé que l'un de ses fournisseurs de logiciels avait été touché par
The United Kingdom arm of shipping giant DHL said it is investigating a data breach sourced back to its use of the MOVEit software, which has been exploited by a Russia-based ransomware group for nearly two months. In a statement to Recorded Future News, DHL confirmed that one of its software providers was impacted by |
Ransomware Data Breach | ★★★ | |
|
2023-07-20 14:11:43 | Géant des cosmétiques EST & Eacute; E Lauder ciblé par deux groupes de ransomwares Cosmetics Giant Estée Lauder Targeted by Two Ransomware Groups (lien direct) |
> Est & eacute; e Lauder a confirmé avoir subi une violation de données, tout comme deux groupes de ransomwares prétendaient avoir ciblé l'entreprise, tous deux voler de grandes quantités d'informations.
>Estée Lauder has confirmed suffering a data breach just as two ransomware groups claimed to have targeted the company, both allegedly stealing vast amounts of information. |
Ransomware Data Breach | ★★ | |
|
2023-07-20 02:53:24 | Trois raisons pour lesquelles la sécurité des entreprises commence par la formation des employés Three Reasons Why Business Security Starts with Employee Education (lien direct) |
L'erreur humaine est un facteur contribuant majeur aux violations des données de l'entreprise.Plus de 340 millions de personnes ont peut-être déjà été affectées par une violation de données au cours des quatre premiers mois de 2023. Avec les taux de cybercriminalité qui planent dans le monde, c'est clairement un domaine où l'investissement et l'expertise sont nécessaires.Bien que la mise à jour des ordinateurs portables avec les derniers logiciels anti-logiciels et la configuration des travailleurs avec des mots de passe complexes, l'authentification à deux facteurs (2FA) pour l'accès aux e-mails et un VPN sécurisé sont toutes de bonnes pratiques, le véritable investissement consiste à éduquer les employés.Ici \\ est pourquoi: une équipe est aussi bonne que son maillon le plus faible ...
Human error is a major contributing factor to company data breaches. More than 340 million people may already have been affected by a data breach in the first four months of 2023. With cybercrime rates soaring around the world, it\'s clearly an area where investment and expertise are required. While updating laptops with the latest antimalware software and setting up workers with complex passwords, two-factor authentication (2FA) for email access, and a secure VPN are all good practices, the real investment is in educating employees. Here\'s why: A team is only as good as its weakest link... |
Data Breach | ★★ | |
|
2023-07-19 09:03:29 | Obtenez une vie de protection VPN puissante pour vos données commerciales pour seulement 70 $ Get a Lifetime of Powerful VPN Protection for Your Business Data for Just $70 (lien direct) |
Il n'y a aucune raison de prendre des risques que votre entreprise subisse une violation de données lorsqu'une vie de protection puissante est si abordable.
There\'s no reason to take chances of your business suffering a data breach when a lifetime of powerful protection is so affordable. |
Data Breach | ★★ | |
|
2023-07-18 14:00:00 | JumpCloud confirme la violation des données par l'acteur de l'État-nation JumpCloud Confirms Data Breach By Nation-State Actor (lien direct) |
Le vecteur d'attaque a été identifié comme injection de données dans le cadre des commandes de l'entreprise
The attack vector was identified as data injection into the firm\'s commands framework |
Data Breach | ★★★ | |
|
2023-07-14 10:23:39 | La Colorado State University affirme que la violation des données a un impact sur les étudiants, le personnel Colorado State University says data breach impacts students, staff (lien direct) |
La Colorado State University (CSU) a confirmé que l'opération de ransomware de CloP avait volé des informations personnelles sensibles sur les étudiants et les employés actuels et anciens lors des récentes attaques de données de transfert de déplacement.[...]
Colorado State University (CSU) has confirmed that the Clop ransomware operation stole sensitive personal information of current and former students and employees during the recent MOVEit Transfer data-theft attacks. [...] |
Ransomware Data Breach | ★★ | |
|
2023-07-14 04:09:40 | Shutterfly dit que l'attaque des ransomwares CLOP n'a pas eu d'impact sur les données des clients Shutterfly says Clop ransomware attack did not impact customer data (lien direct) |
Shutterfly, une plate-forme de fabrication en ligne de vente au détail et de photographie, est parmi les dernières victimes frappées par des ransomwares de Clop.Au cours des derniers mois, CloP Ransomware Gang a exploité une vulnérabilité dans le service de transfert de fichiers Moveit pour violer des centaines d'entreprises pour voler leurs données et tenter l'extorsion contre eux.[...]
Shutterfly, an online retail and photography manufacturing platform, is among the latest victims hit by Clop ransomware. Over the last few months, Clop ransomware gang has been exploiting a vulnerability in the MOVEit File Transfer utility to breach hundreds of companies to steal their data and attempt extortion against them. [...] |
Ransomware Data Breach Vulnerability | ★★★ | |
 |
2023-07-13 00:00:00 | Le Ransomware Threat Landscape H1-23 Ce rapport fournit une analyse complète de toutes les attaques de ransomwares connues qui ont été signalées au cours des deux premiers trimestres de 2023. The Ransomware Threat Landscape H1-23This report provides a comprehensive analysis of all known ransomware attacks that were reported during the first two quarters of 2023.Read More (lien direct) |
IntroductionâIn this comprehensive report, Kovrr collected and analyzed data on all known ransomware attacks reported during the first two quarters of 2023. The data was collected from multiple sources, all aggregated and updated regularly in Kovrrâs Threat Intelligence Database. The database includes data on many different types of cyber incidents, but this report includes only data on ransomware attacks, excluding data on any other type of attacks. The ransomware groups covered in this report all operate as a RaaS (Ransomware as a Service), a business model through which the ransomware binary and operation are sold or leased to operators, called affiliates. This means that a ransomware operation is composed of many different individuals, with separate roles, and the extortion profits are divided between them. Some individuals are responsible for initial access to the targets, others to lateral movement to interesting and profitable areas in the victim network, while others are responsible for the ransomware infection itself, and others negotiate with the victim after infection. âSummaryâThese are the main insights from the collected data:There is a 32% drop in attack amounts in H1-23 compared to H2-22. It is important to note that this drop can also be due to delayed reporting of cyber incidents by attacked companies.The top ten most active groups observed during the first half of 2023 are AvosLocker, Bianlian, BlackBasta, BlackCat, Clop, Lockbit 3.0, MedusaLocker, Play, Royal, and ViceSociety. All 10 actors accounted for 87% of attacks during this period, while the top 3 groups (Lockbit 3.0, BlackCat, and Clop) accounted for 53% of all claimed attacks during this period. The average lifespan of a ransomware group is 262 days, while the median is 167 days. In an average month, 18.3 different ransomware groups are active.The most targeted industry is the Services industry, while companies with a revenue of $10M-$50M are the most common targets. âData Collection Methods and Possible BiasesâThe data for this research was collected from Kovrrâs Threat Intelligence Database, that collects data from multiple sources, and includes information on different types of cyber incidents. Specifically for this report, data was collected mainly from ransomware leak sites, public filings of attacked companies, and news reports on ransomware attacks. The data from ransomware leak sites was collected mainly from Double Extortion (https://doubleextortion.com), a data source providing up to date information from ransomware leak sites. The rest of the data was collected using proprietary sources and methods. This data was then combined with additional sources to collect company business information and is limited to ransomware attacks that occurred and were reported in the first two quarters of 2023, between January 1st 2023 and June 31st 2023. There are several possible biases in the data that may affect the results presented in the report. Data collection for this research relied either on a company filing a notification on a ransomware attack, or a ransomware group uploading information about a victim. Therefore, in the case that a company decided not to file a notice of a ransomware attack, for example due to not being legally required to do so, it will not be included in our data. This means that companies located in countries that require data breach notifications, such as companies in the United States or the European Union, are expected to have a higher representation in our data. This is also true for companies in more regulated industries, such as healthcare. Regarding data retrieved from ransom group sites, there may be cases where an attacker did not upload data on the attack victim, as the victim paid the ransom, or for other reasons. This means that some victims that have quickly paid ransoms following an attack might not appear in our data. Additionally,, we have previously researched | Ransomware Data Breach Vulnerability Threat Cloud | APT 17 | ★★★ |
|
2023-07-12 19:25:00 | Console & Associates, P.C.Enquête sur les soins de santé HCA après le rapport de violation de données affectant environ 11 millions de patients Console & Associates, P.C. Investigates HCA Healthcare After Report of Data Breach Affecting an Estimated 11M Patients (lien direct) |
IntroductionâIn this comprehensive report, Kovrr collected and analyzed data on all known ransomware attacks reported during the first two quarters of 2023. The data was collected from multiple sources, all aggregated and updated regularly in Kovrrâs Threat Intelligence Database. The database includes data on many different types of cyber incidents, but this report includes only data on ransomware attacks, excluding data on any other type of attacks. The ransomware groups covered in this report all operate as a RaaS (Ransomware as a Service), a business model through which the ransomware binary and operation are sold or leased to operators, called affiliates. This means that a ransomware operation is composed of many different individuals, with separate roles, and the extortion profits are divided between them. Some individuals are responsible for initial access to the targets, others to lateral movement to interesting and profitable areas in the victim network, while others are responsible for the ransomware infection itself, and others negotiate with the victim after infection. âSummaryâThese are the main insights from the collected data:There is a 32% drop in attack amounts in H1-23 compared to H2-22. It is important to note that this drop can also be due to delayed reporting of cyber incidents by attacked companies.The top ten most active groups observed during the first half of 2023 are AvosLocker, Bianlian, BlackBasta, BlackCat, Clop, Lockbit 3.0, MedusaLocker, Play, Royal, and ViceSociety. All 10 actors accounted for 87% of attacks during this period, while the top 3 groups (Lockbit 3.0, BlackCat, and Clop) accounted for 53% of all claimed attacks during this period. The average lifespan of a ransomware group is 262 days, while the median is 167 days. In an average month, 18.3 different ransomware groups are active.The most targeted industry is the Services industry, while companies with a revenue of $10M-$50M are the most common targets. âData Collection Methods and Possible BiasesâThe data for this research was collected from Kovrrâs Threat Intelligence Database, that collects data from multiple sources, and includes information on different types of cyber incidents. Specifically for this report, data was collected mainly from ransomware leak sites, public filings of attacked companies, and news reports on ransomware attacks. The data from ransomware leak sites was collected mainly from Double Extortion (https://doubleextortion.com), a data source providing up to date information from ransomware leak sites. The rest of the data was collected using proprietary sources and methods. This data was then combined with additional sources to collect company business information and is limited to ransomware attacks that occurred and were reported in the first two quarters of 2023, between January 1st 2023 and June 31st 2023. There are several possible biases in the data that may affect the results presented in the report. Data collection for this research relied either on a company filing a notification on a ransomware attack, or a ransomware group uploading information about a victim. Therefore, in the case that a company decided not to file a notice of a ransomware attack, for example due to not being legally required to do so, it will not be included in our data. This means that companies located in countries that require data breach notifications, such as companies in the United States or the European Union, are expected to have a higher representation in our data. This is also true for companies in more regulated industries, such as healthcare. Regarding data retrieved from ransom group sites, there may be cases where an attacker did not upload data on the attack victim, as the victim paid the ransom, or for other reasons. This means that some victims that have quickly paid ransoms following an attack might not appear in our data. Additionally,, we have previously researched | Data Breach | ★★ | |
|
2023-07-12 08:15:00 | Le dénonciateur contacte les clients de Natwest touchés par une violation de données vieille de décennies Whistleblower contacts NatWest customers affected by a decade-old data breach (lien direct) |
IntroductionâIn this comprehensive report, Kovrr collected and analyzed data on all known ransomware attacks reported during the first two quarters of 2023. The data was collected from multiple sources, all aggregated and updated regularly in Kovrrâs Threat Intelligence Database. The database includes data on many different types of cyber incidents, but this report includes only data on ransomware attacks, excluding data on any other type of attacks. The ransomware groups covered in this report all operate as a RaaS (Ransomware as a Service), a business model through which the ransomware binary and operation are sold or leased to operators, called affiliates. This means that a ransomware operation is composed of many different individuals, with separate roles, and the extortion profits are divided between them. Some individuals are responsible for initial access to the targets, others to lateral movement to interesting and profitable areas in the victim network, while others are responsible for the ransomware infection itself, and others negotiate with the victim after infection. âSummaryâThese are the main insights from the collected data:There is a 32% drop in attack amounts in H1-23 compared to H2-22. It is important to note that this drop can also be due to delayed reporting of cyber incidents by attacked companies.The top ten most active groups observed during the first half of 2023 are AvosLocker, Bianlian, BlackBasta, BlackCat, Clop, Lockbit 3.0, MedusaLocker, Play, Royal, and ViceSociety. All 10 actors accounted for 87% of attacks during this period, while the top 3 groups (Lockbit 3.0, BlackCat, and Clop) accounted for 53% of all claimed attacks during this period. The average lifespan of a ransomware group is 262 days, while the median is 167 days. In an average month, 18.3 different ransomware groups are active.The most targeted industry is the Services industry, while companies with a revenue of $10M-$50M are the most common targets. âData Collection Methods and Possible BiasesâThe data for this research was collected from Kovrrâs Threat Intelligence Database, that collects data from multiple sources, and includes information on different types of cyber incidents. Specifically for this report, data was collected mainly from ransomware leak sites, public filings of attacked companies, and news reports on ransomware attacks. The data from ransomware leak sites was collected mainly from Double Extortion (https://doubleextortion.com), a data source providing up to date information from ransomware leak sites. The rest of the data was collected using proprietary sources and methods. This data was then combined with additional sources to collect company business information and is limited to ransomware attacks that occurred and were reported in the first two quarters of 2023, between January 1st 2023 and June 31st 2023. There are several possible biases in the data that may affect the results presented in the report. Data collection for this research relied either on a company filing a notification on a ransomware attack, or a ransomware group uploading information about a victim. Therefore, in the case that a company decided not to file a notice of a ransomware attack, for example due to not being legally required to do so, it will not be included in our data. This means that companies located in countries that require data breach notifications, such as companies in the United States or the European Union, are expected to have a higher representation in our data. This is also true for companies in more regulated industries, such as healthcare. Regarding data retrieved from ransom group sites, there may be cases where an attacker did not upload data on the attack victim, as the victim paid the ransom, or for other reasons. This means that some victims that have quickly paid ransoms following an attack might not appear in our data. Additionally,, we have previously researched | Data Breach | ★★ | |
|
2023-07-11 19:36:00 | 11m Patients de santé HCA touchés par la violation de données 11M HCA Healthcare Patients Impacted by Data Breach (lien direct) |
Les pirates publiés en vente pour les données de santé HCA ont volé sur le forum Web Dark.
The hackers posted up for sale stolen HCA Healthcare data on Dark Web forum. |
Data Breach | ★★ | |
|
2023-07-11 15:35:00 | 11 millions de patients touchés sur la violation des données sur les soins de santé 11 Million Patients Impacted in Healthcare Data Breach (lien direct) |
HCA Healthcare a déclaré que des données personnelles d'environ 11 millions de patients ont été publiées sur un forum en ligne
HCA Healthcare said personal data of approximately 11 million patients was published on an online forum |
Data Breach | ★★ | |
|
2023-07-11 11:56:07 | Des informations personnelles de 11 millions de patients volés en violation de données chez HCA Healthcare Personal Information of 11 Million Patients Stolen in Data Breach at HCA Healthcare (lien direct) |
HCA Healthcare dit que les informations personnelles d'environ 11 millions de patients ont été volées dans une violation de données.
HCA Healthcare says the personal information of roughly 11 million patients was stolen in a data breach. |
Data Breach | ★★ | |
|
2023-07-11 11:51:04 | Deutsche Bank confirme la violation du fournisseur Deutsche Bank confirms provider breach exposed customer data (lien direct) |
Deutsche Bank AG a confirmé à BleepingComputer qu'une violation de données sur l'un de ses fournisseurs de services a exposé ses données sur une attaque de données de transfert de transfert de déplacement probable.[...]
Deutsche Bank AG has confirmed to BleepingComputer that a data breach on one of its service providers has exposed its customers\' data in a likely MOVEit Transfer data-theft attack. [...] |
Data Breach | ★★★ | |
|
2023-07-11 10:59:20 | HCA confirme la violation après le pirate vole les données de 11 millions de patients HCA confirms breach after hacker steals data of 11 million patients (lien direct) |
HCA Healthcare a révélé une violation de données ayant un impact sur environ 11 millions de patients qui ont reçu des soins dans l'un de ses hôpitaux et cliniques après qu'un acteur de menace a publié des échantillons de données volées sur un forum de piratage.[...]
HCA Healthcare disclosed a data breach impacting an estimated 11 million patients who received care at one of its hospitals and clinics after a threat actor posted samples of stolen data on a hacking forum. [...] |
Data Breach Threat | ★★ |
To see everything:
Our RSS (filtrered)
