What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-11-15 00:39:38 | The Medibank Data Breach – Steps You Can Take to Protect Yourself (lien direct) | >
Hackers have posted another batch of stolen health records on the dark web-following a breach that could potentially affect nearly...
|
Data Breach | ★★★ | |
 |
2022-11-14 13:19:27 | Whoosh confirms data breach after hackers sell 7.2M user records (lien direct) | The Russian scooter-sharing service Whoosh has confirmed a data breach after hackers started to sell a database containing the details of 7.2 million customers on a hacking forum. [...] | Data Breach | ||
 |
2022-11-11 01:54:00 | Medibank hackers revealed to be in Russia (lien direct) | The Australian Federal Police has revealed that those responsible for the data breach of Australian private health insurer Medibank are in Russia.On October 13, Medibank paused trading in the Australian Securities Exchange and announced there had been a “cyber incident”. At the time the company believed no data had been accessed and that the main issue was at its ahm and international student policy management units.But what started as the second largest breach in Australia's history slowly unraveled into a potentially much more harmful breach than the infamous Optus breach, which impacted a third of the Australian population.To read this article in full, please click here | Data Breach | ||
 |
2022-11-09 18:58:27 | Medibank Hackers Begin Publishing Data (lien direct) | It has been announced that the criminals behind the Medibank data breach have published some of the stolen data online. On Wednesday the names, addresses, birthdates and Medicare details of about 200 customers started appearing on the dark web under a “good-list” and a “naughty-list”. The health insurer has warned that more stolen data, including passport […] | Data Breach | ||
 |
2022-11-09 14:55:31 | Les attaques DDoS restent l\'un des principaux types d\'incidents identifiés en 2022 (lien direct) | Selon Data Breach Investigations Report (DBIR), en 2022 les attaques DDoS restent l'un des principaux types d'incidents identifiés avec les attaques par botnets. Mirai, Emotet, LemonDuck sont autant de noms qui, hors contexte, pourraient faire sourire, mais qui, dans le monde de la cybersécurité, donnent du fil à retordre aux équipes. | Data Breach | ||
 |
2022-11-08 14:00:00 | Millions Lost in Minutes - Mitigating Public-Facing Attacks (lien direct) | >In recent years, many high-profile companies have suffered destructive cybersecurity breaches. These public-facing assaults cost organizations millions of dollars in minutes, from stock prices to media partnerships. Fast Company, Rockstar, Uber, Apple and more have all been victims of these costly and embarrassing attacks. The total average cost of a data breach has increased by […] | Data Breach | Uber | |
 |
2022-11-07 17:16:00 | Medibank Refuses to Pay Ransom After Data Breach (lien direct) | Medibank believes there is a limited chance paying a ransom would return customers' data | Data Breach | ||
 |
2022-11-07 14:10:41 | SolarWinds Agrees to Pay $26 Million to Settle Shareholder Lawsuit Over Data Breach (lien direct) | Texas-based IT management solutions provider SolarWinds has agreed to pay $26 million to settle a shareholder lawsuit over the data breach disclosed by the company in 2020. | Data Breach | ||
|
2022-11-07 11:10:57 | Medibank Confirms Data Breach Impacts 9.7 Million Customers (lien direct) | Australian health insurer Medibank today confirmed that the data of 9.7 million customers was compromised in a recent cyberattack. The incident was identified on October 12, before threat actors could deploy file-encrypting ransomware, but not before they stole data from the company's systems. | Data Breach Threat | ||
|
2022-11-04 10:30:00 | ICO Slashes Government Data Breach Fine (lien direct) | UK regulator reduces penalty by 90% | Data Breach | ||
 |
2022-11-03 10:00:00 | Minimizing security concerns of ESOPs (lien direct) | The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Retirement plans are an easily overlooked but often critical cybersecurity concern. Employee stock ownership plans (ESOPs), while less common than others, may face particular risks. ESOPs can provide a valuable way to foster employee engagement and reward loyal workers, but businesses must consider their cybersecurity risks. Without proper security, these plans and those who depend on them may be in danger. ESOP security risks Employee Retirement Income Security Act (ERISA)-regulated plans covered an estimated $9.3 trillion as of 2018. Individual ones can hold millions of dollars, making them tempting targets for cybercriminals. ESOPs pose unique risks, as participating employees have an ownership stake in the company. Consequently, cyberattacks that damage the business’s reputation will affect ESOP participants. Lower stock values will reduce workers’ payouts when they retire. This ownership stake means an attack doesn’t have to target the retirement plan directly to impact its participants. Any cybersecurity incident against the business poses a significant risk, and ESOP security means safeguarding the entire company’s attack surface. How to minimize ESOP security concerns ESOP cybersecurity concerns are significant, but you can take several steps to address them. Here’s how you can mitigate these security risks. Assess company-specific risks The first step in ESOP cybersecurity is to assess your specific risk landscape. Every organization and plan within one has unique considerations determining the most effective mitigation measures, so these assessments are a crucial starting point. Every risk contains two key components: an event that could happen and the consequences if it does. Teams must compile a formal list of threats facing their ESOP plans, ensuring to cover both these categories. This will reveal the most important vulnerabilities to address, helping guide further security steps. Verify vendors Like many retirement plans, ESOPs typically rely on third-party vendors to manage funds. Consequently, breaches in these partners could impact the business itself. About 51% of all organizations have experienced a data breach from a third party, so verifying their security before going into business with them is crucial. Ask for third-party audits and similar proofs of security to ensure any vendors meet strict cybersecurity standards. Contracts should include detailed pictures of their security responsibilities and consequences for noncompliance. Ensuring all vendors have sufficient cybersecurity insurance is also a good idea. Minimize access You should minimize access privileges across the organization and its partners even after verification. Well-meaning employees can still make critical errors, but if each account can only use a few resources, a breach in one won’t jeopardize the entire system. Operate by the principle of least privilege: Every user, program and endpoint should only be able to access what it needs to work correctly. That applies to third parties as well as company insiders. This will minimize lateral movement risks, helping keep ESOPs safe from attacks elsewhere in the organization. Create a culture of Cybersecurity | Data Breach | ||
|
2022-11-02 14:09:37 | Royal Mail Data Breach (lien direct) | It has been reported that Royal Mail has experienced a data breach where customers have seen the information of other users. A statement on Royal Mail’s Click and Drop status updates website said: “We have been made aware there was an issue affecting Click & Drop that meant some customers could see other customer’s orders. | Data Breach | ||
|
2022-11-02 13:05:18 | Vodafone Italy discloses data breach after reseller hacked (lien direct) | Vodafone Italia is sending customers notices of a data breach, informing them that one of its commercial partners, FourB S.p.A., who operates as a reseller of the telco's services in the country, has fallen victim to a cyberattack. [...] | Data Breach | ||
|
2022-11-02 11:30:41 | Hackers Stole Source Code, Personal Data From Dropbox Following Phishing Attack (lien direct) | Dropbox revealed on November 1 that it recently suffered a data breach where malicious actors gained access to some source code and personal information belonging to employees and customers. | Data Breach | ||
|
2022-11-01 12:10:08 | Bed Bath & Beyond Investigating Data Breach After Employee Falls for Phishing Attack (lien direct) | Bed Bath & Beyond revealed last week in an SEC filing that it recently suffered a data breach after an employee fell victim to a phishing attack. | Data Breach | ||
|
2022-10-31 13:15:12 | Label Giant Multi-Color Corporation Discloses Data Breach (lien direct) | Label printing giant Multi-Color Corporation (MCC) has started informing employees that their personal information might have been compromised in a recent cyberattack. | Data Breach | ||
|
2022-10-28 13:12:07 | Twilio Says Employees Targeted in Separate Smishing, Vishing Attacks (lien direct) | Enterprise communications firm Twilio has concluded its investigation into the recent data breach and revealed on Thursday that its employees were targeted in smishing and vishing attacks on two separate occasions. | Data Breach | ||
|
2022-10-27 14:08:16 | (Déjà vu) Expert Commentary: See Tickets Data Breach (lien direct) | It has been reported that global ticketing giant See Tickets has begun notifying customers of a significant breach of their personal and financial information, which lasted for over two-and-a-half years. The company, owned by French media firm Vivendi, revealed the news in breach notification letters published by various US states. An official statement from either business has so […] | Data Breach | ||
|
2022-10-27 14:05:38 | Australian Clinical Labs says patient data stolen in ransomware attack (lien direct) | Australian Clinical Labs (ACL) has disclosed a February 2022 data breach that impacted its Medlab Pathology business, exposing the medical records and other sensitive information of 223,000 people. [...] | Ransomware Data Breach | ||
|
2022-10-27 10:00:00 | 11 Cybersecurity investments you can make right now (lien direct) | This blog was written by an independent guest blogger. The average cost of a data breach will continue to rise, which means companies need to start planning accordingly. To protect your business, you need to invest in cybersecurity. Here are 11 areas you should focus on. Cyber insurance Cyber insurance is designed to protect businesses from the financial repercussions of a cyber-attack. It can cover costs such as business interruption, data recovery, legal expenses, and reputational damage. It is increasingly common across industries and at companies of all sizes, even small businesses, which have become a growing target of cybercriminals. Cyber insurance has also become a new compliance requirement in many industries, including healthcare, finance, and retail. In the event of a data breach, companies are often required to notify their customers and partners, which can be costly. Cyber insurance can help cover these expenses. Employee training Employees are often the weakest link in a company's cybersecurity defenses. They may not be aware of the latest cyber threats or how to protect themselves from them. That's why it's important to provide employees with regular training on cybersecurity risks and best practices. There are many different types of employee training programs available, ranging from in-person seminars to online courses. Some companies even offer financial incentives for employees who complete training programs. In the remote work era, employee education also increasingly means arming remote workers with knowledge that will keep company data safe while they are working on networks that might not be well secured. This is especially the case if you know people are connecting via public networks at cafes, co-working spaces, and airports. Endpoint security Endpoints are the devices that connect to a network, such as laptops, smartphones, and tablets. They are also a common entry point for cyber-attacks. That's why it's important to invest in endpoint security, which includes solutions such as antivirus software, firewalls, and encryption. You can invest in endpoint security by purchasing it from a vendor or by implementing it yourself. There are also many free and open-source solutions available. Make sure you test any endpoint security solution before deploying it in your environment. Identity and access management Identity and access management (IAM) is a process for managing user identities and permissions. It can be used to control who has access to what data and resources, and how they can use them. IAM solutions often include features such as Single Sign-On (SSO), which allows users to access multiple applications with one set of credentials, and two-factor authentication (2FA), which adds an extra layer of security. IAM solutions can be deployed on-premises or in the cloud. They can also be integrated with other security solutions, such as firewalls and intrusion detection systems. Intrusion detection and prevention Intrusion detection and prevention systems (IDPS) are designed to detect and prevent cyber-attacks. They work by monitoring network traffic for suspicious activity and blocking or flagging it as needed. IDPS solutions can be deployed on-premises or in the cloud. There are many different types of IDPS solutions available, ranging from simple network-based solutions to more sophisticated host-based ones. Make sure you choose a solution that is right for your environment and needs. Security information and event management Security information and event management (SIEM) solutions are designed to collect and analyze data from a variety of security | Data Breach Spam Malware Vulnerability Patching | ||
 |
2022-10-26 19:09:16 | See Tickets discloses data breach, customers\' credit card data exposed (lien direct) | International ticketing services company See Tickets disclosed a data breach that exposed customers’ payment card details. Ticketing service company See Tickets disclosed a data breach, and threat actors might have accessed customers’ payment card details. Threat actors were able to steal payment card data by implanting a software skimmer on its website. The company discovered […] | Data Breach Threat | ||
 |
2022-10-26 15:35:16 | See Tickets Notifies Customers of Major Card Data Breach (lien direct) | Earlier today, global ticketing giant See Tickets has begun notifying customers of a significant breach of their personal and financial information, which lasted for over two-and-a-half years. It appears that the company, owned by French media firm Vivendi, revealed the news in breach notification letters published by various US states. An official statement from either business […] | Data Breach | ||
|
2022-10-26 11:51:05 | Data Breach Victims Sue Rhode Island Transit Agency, Insurer (lien direct) | Two people whose personal information was compromised in a data breach at Rhode Island's public bus service that affected about 22,000 people sued the agency and a health insurer on Tuesday seeking monetary damages and answers. | Data Breach | ||
|
2022-10-26 09:15:00 | See Tickets Discloses Major Card Data Breach (lien direct) | Unspecified number of customers impacted over 2.5 years | Data Breach | ||
 |
2022-10-26 03:45:08 | Health insurer Medibank\'s data breach diagnosis keeps getting worse (lien direct) | All four million customers at risk of having records of medical treatments exposed Australian health insurer Medibank's data breach was today revealed to be even worse than first thought, with a regulatory filing stating that info describing all four million customers has been accessed.… | Data Breach | ||
|
2022-10-25 16:36:44 | FTC Targets Drizly and Its CEO Over Cybersecurity Failures That Led to Data Breach (lien direct) | The Federal Trade Commission (FTC) this week announced an administrative complaint against online alcohol marketplace Drizly and its CEO, James Cory Rellas, over the company's poor data security practices. | Data Breach | ||
|
2022-10-24 11:05:05 | Exclusive Comments On Medibank Data Breach (lien direct) | Following the news this morning that Medibank, Australia's biggest health insurer has suffered a data breach, cybersecurity experts reacted below. | Data Breach | ||
|
2022-10-24 11:01:00 | BrandPost: How a Zero Trust Platform Approach Takes Security to the Next Level (lien direct) | Even though many organizations have a goal of achieving zero trust, this goal may not always be realizable in the solutions they are implementing. In fact, a recent survey found that while most responding organizations said they had implemented or were implementing a zero trust strategy, more than half of them didn't have the ability to authenticate users and devices on an ongoing basis. Giving too much trust could have disastrous – and costly – results. IBM estimates that the worldwide average cost of a data breach is currently a staggering $4.24 million.To read this article in full, please click here | Data Breach | ||
|
2022-10-24 00:15:05 | Blazing South Korean datacenter operator raided by cops, blames its own batteries (lien direct) | PLUS: Australia boosts data breach fines; India outlet drops Meta allegations; AWS spices up Thailand's cloud; and more Asia In Brief South Korean police have reportedly raided the premises of SK C&C, the operator of the datacenter that caught fire on the weekend of October 15 and disrupted the operations of local web giants Naver and Kakao.… | Data Breach | ||
|
2022-10-21 12:57:55 | Health System Data Breach Due To Meta Pixel Hits 3 Million Patients (lien direct) | In response to reports that Advocate Aurora Health, a 26-hospital healthcare system in Wisconsin and Illinois, is notifying its patients of a data breach that exposed the personal data of 3,000,000 patients, experts at cybersecurity firms offer the following comments. | Data Breach | ||
|
2022-10-21 05:23:28 | Healthcare system Advocate Aurora Health data breach potentially impacted 3M patients (lien direct) | >Healthcare system Advocate Aurora Health (AAH) disclosed a data breach that exposed the personal data of 3,000,000 patients. The US-based hospital healthcare system Advocate Aurora Health (AAH) disclosed a data breach that exposed the personal data of 3,000,000 patients. The company is notifying the impacted individuals. The healthcare system operates 26 hospitals in Wisconsin and […] | Data Breach | ||
 |
2022-10-20 17:29:09 | Top DOJ official "pleased" with multi-agency and branch response to courts data breach (lien direct) | >Deputy Assistant Attorney General for National Security Adam Hickey discussed the breach and the need to balance transparency with privacy related to sensitive material. | Data Breach | ||
|
2022-10-20 11:21:30 | Health system data breach due to Meta Pixel hits 3 million patients (lien direct) | Advocate Aurora Health (AAH), a 26-hospital healthcare system in the states of Wisconsin and Illinois, is notifying its patients of an unintentional data breach that impacts 3,000,000 individuals. [...] | Data Breach | ||
 |
2022-10-20 05:05:00 | NatWest data breach whistleblower demands bank pay data controller fee to ICO (lien direct) | Advocate Aurora Health (AAH), a 26-hospital healthcare system in the states of Wisconsin and Illinois, is notifying its patients of an unintentional data breach that impacts 3,000,000 individuals. [...] | Data Breach | ||
|
2022-10-19 14:28:11 | Microsoft data breach exposes customers\' contact info, emails (lien direct) | Microsoft said today that some of its customers' sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet. [...] | Data Breach | ||
|
2022-10-19 10:00:00 | Alarming attacks on Internet of Medical Things (IoMT) (lien direct) | This blog was written by an independent guest blogger. The impact of ransomware attacks on healthcare is as alarming as it is under-addressed. The United States healthcare system alone faces an annual burden of nearly $21 billion due to these attacks. It pays well over $100 million in ransoms, and is beginning to acknowledge the tragic realities of impacted patient care, including higher patient mortality rates. For every headline related to cyberattacks, there are likely hundreds more that go unreported. In a study released in 2021, IoT/IoMT devices were revealed to be the attack vector for 21% of ransomware attacks. In May 2022, CISA Senior Advisor Joshua Corman further documented the rising risks during a Senate HELP Committee hearing. And in August 2022, the Ponemon Institute and Ivanti’s partner Cynerio teamed to dive even deeper into the impact of insecure medical devices on hospitals and patients in their Insecurity of Connected Devices in Healthcare 2022 report. Statistics from the report show: 43% of respondents experienced at least one ransomware attack. 88% of cyberattacks involve an IoMT device. The average data breach cost is well over $1 million. Tragically, 24% of attacks result in increased mortality rates. Seven out of ten respondents (71%) believe that very high security risks are created by these otherwise overwhelmingly beneficial marvels of modern medicine. Recognition of risk is a step in the right direction, although it is unfortunately more of a talking point than one of action. Over half (54%) of respondents did not report senior management requiring assurances of properly addressed IoT/IoMT device risk. Even more concerning, two thirds (67%) don’t believe their devices are being patched in a timely manner - the most basic, widely accepted and often required action for nearly any healthcare environment. The current landscape of most hospitals - battling an epidemic with exhausted staff, strained resources, limited cybersecurity expertise and massive bullseyes - makes them easy targets. A consolidated effort to improve hospital security is needed; AT&T, in partnership with Ivanti Neurons for Healthcare, offers specific solutions to support risk reduction through actionable guidance. Reports demonstrate before-and-after security status, reflecting the improvements gained by taking action. Network segmentation recommendations integrate with existing NAC solutions, adding intelligence and visibility to the process. Dashboards quantify risks by device, manufacturer, hardware type, and OS, providing a strategy to fight cybercriminals who leave morbid results in their ceaseless drive for ransoms. In as little as five days, a proof of value engagement will demonstrate a reduction in risk for your healthcare organization. For more information about Ivanti Neurons for Healthcare, and how it can be part of a unified security approach with AT&T Cybersecurity visit us. There's also a nice e-book | Ransomware Data Breach Guideline | ||
|
2022-10-18 13:21:02 | Toyota Data Breach Exposes Customer Data – What You Can Do to Protect Yourself (lien direct) | >
Automobile manufacturer Toyota recently announced a data breach that may have exposed the emails of up to 300,000 customers for...
|
Data Breach | ||
|
2022-10-18 12:53:05 | Keystone Health Data Breach Impacts 235,000 Patients (lien direct) | Pennsylvania healthcare provider Keystone Health has started informing patients of a data breach potentially impacting their personal information. | Data Breach | ||
|
2022-10-17 19:15:18 | Retail giant Woolworths discloses data breach of MyDeal online marketplace (lien direct) | >Australian retail giant Woolworths disclosed a data breach that impacted approximately 2.2 million MyDeal customers. Bad news for the customers of the MyDeal online marketplace, the Australian retail giant Woolworths disclosed a data breach that impacted approximately 2.2 million of them. As soon the company became aware of the security breach it blocked access to […] | Data Breach | ||
 |
2022-10-17 16:50:56 | Fashion brand SHEIN fined $1.9m for lying about data breach (lien direct) | Is "pay a small fine and keep on trading" a sufficient penalty for letting a breach happen, impeding an investigation, and hiding the truth? | Data Breach | ||
|
2022-10-17 16:16:01 | MyDeal data breach impacts 2.2M users, stolen data for sale online (lien direct) | Woolworths' MyDeal subsidiary has disclosed a data breach affecting 2.2 million customers, with the hacker trying to sell the stolen data on a hacker forum. [...] | Data Breach | ||
 |
2022-10-17 14:34:27 | Fine for Shein! Fashion site hit with $1.9 million bill after lying about data breach (lien direct) | The parent company of women's fashion site Shein has been fined $1.9 million after being accused of lying about the extent of data breach, and notifying "only a fraction" of affected customers. Read more in my article on the Hot for Security blog. | Data Breach | ||
|
2022-10-17 13:48:44 | Retail Giant Woolworths Discloses Data Breach Impacting 2.2 Million MyDeal Customers (lien direct) | Australian retail giant Woolworths revealed on Friday that a recent data breach has impacted the information of 2.2 million MyDeal customers. Woolworths acquired 80% of the MyDeal online marketplace in September, but says MyDeal systems are completely separate from its own systems, which have not been impacted by the incident. | Data Breach | ||
|
2022-10-17 13:00:00 | 3 Ways EDR Can Stop Ransomware Attacks (lien direct) | >Ransomware attacks are on the rise. While these activities are low-risk and high-reward for criminal groups, their consequences can devastate their target organizations. According to the 2022 Cost of a Data Breach report, the average cost of a ransomware attack is $4.54 million, without including the cost of the ransom itself. Ransomware breaches also took […] | Ransomware Data Breach | ||
 |
2022-10-14 16:08:04 | Shein owner Zoetop fined $1.9m over data breach response (lien direct) | New York Attorney General Letitia James accuses Zoetop of lying about the extent of the 2018 attack. | Data Breach | ||
|
2022-10-14 16:00:00 | Shein Holding Company Fined $1.9m For Not Disclosing Data Breach (lien direct) | The data breach saw Zoetop allegedly trying to keep the real impact of the leak quiet | Data Breach | ||
|
2022-10-13 13:00:00 | How Do Data Breaches Impact Economic Instability? (lien direct) | >Geopolitical conflict, inflation, job market pressure, rising debt — we’ve been hearing about economic headwinds for a while now. Could data breaches have anything to do with this? According to a recent IBM report, the average cost of a data breach has reached an all-time high. Like any other business liability, these costs must be […] | Data Breach | ||
 |
2022-10-12 16:33:00 | 64,000 Additional Patients Impacted by Omnicell Data Breach - What is Your Data Breach Action Plan? (lien direct) | In April 2022, Omnicell reported a data breach affecting nearly 62,000 patients. The company has revealed that the incident has impacted an additional 64,000 individuals. This brings the total number of patients affected to over 126,000. Will you be the next victim like Omnicell? If you are overlooking the importance of data protection, attackers can get you in no time. Explore the impact of | Data Breach | ||
|
2022-10-12 15:00:00 | Singtel\'s Australian IT Firm Dialog Suffers Data Breach (lien direct) | The breach affected around 20 clients and 1000 current and/or former Dialog employees | Data Breach | ||
|
2022-10-11 11:04:00 | Toyota Discloses Data Breach Impacting Source Code, Customer Email Addresses (lien direct) | Japanese car manufacturer Toyota has disclosed a security incident that involved source code hosted on GitHub and which may have resulted in unauthorized access to roughly 300,000 customer email addresses. | Data Breach |
To see everything:
Our RSS (filtrered)
