What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-10-26 19:09:16 | See Tickets discloses data breach, customers\' credit card data exposed (lien direct) | International ticketing services company See Tickets disclosed a data breach that exposed customers’ payment card details. Ticketing service company See Tickets disclosed a data breach, and threat actors might have accessed customers’ payment card details. Threat actors were able to steal payment card data by implanting a software skimmer on its website. The company discovered […] | Data Breach Threat | ||
 |
2022-10-26 15:35:16 | See Tickets Notifies Customers of Major Card Data Breach (lien direct) | Earlier today, global ticketing giant See Tickets has begun notifying customers of a significant breach of their personal and financial information, which lasted for over two-and-a-half years. It appears that the company, owned by French media firm Vivendi, revealed the news in breach notification letters published by various US states. An official statement from either business […] | Data Breach | ||
 |
2022-10-26 11:51:05 | Data Breach Victims Sue Rhode Island Transit Agency, Insurer (lien direct) | Two people whose personal information was compromised in a data breach at Rhode Island's public bus service that affected about 22,000 people sued the agency and a health insurer on Tuesday seeking monetary damages and answers. | Data Breach | ||
 |
2022-10-26 09:15:00 | See Tickets Discloses Major Card Data Breach (lien direct) | Unspecified number of customers impacted over 2.5 years | Data Breach | ||
 |
2022-10-26 03:45:08 | Health insurer Medibank\'s data breach diagnosis keeps getting worse (lien direct) | All four million customers at risk of having records of medical treatments exposed Australian health insurer Medibank's data breach was today revealed to be even worse than first thought, with a regulatory filing stating that info describing all four million customers has been accessed.… | Data Breach | ||
|
2022-10-25 16:36:44 | FTC Targets Drizly and Its CEO Over Cybersecurity Failures That Led to Data Breach (lien direct) | The Federal Trade Commission (FTC) this week announced an administrative complaint against online alcohol marketplace Drizly and its CEO, James Cory Rellas, over the company's poor data security practices. | Data Breach | ||
 |
2022-10-24 11:05:05 | Exclusive Comments On Medibank Data Breach (lien direct) | Following the news this morning that Medibank, Australia's biggest health insurer has suffered a data breach, cybersecurity experts reacted below. | Data Breach | ||
 |
2022-10-24 11:01:00 | BrandPost: How a Zero Trust Platform Approach Takes Security to the Next Level (lien direct) | Even though many organizations have a goal of achieving zero trust, this goal may not always be realizable in the solutions they are implementing. In fact, a recent survey found that while most responding organizations said they had implemented or were implementing a zero trust strategy, more than half of them didn't have the ability to authenticate users and devices on an ongoing basis. Giving too much trust could have disastrous – and costly – results. IBM estimates that the worldwide average cost of a data breach is currently a staggering $4.24 million.To read this article in full, please click here | Data Breach | ||
|
2022-10-24 00:15:05 | Blazing South Korean datacenter operator raided by cops, blames its own batteries (lien direct) | PLUS: Australia boosts data breach fines; India outlet drops Meta allegations; AWS spices up Thailand's cloud; and more Asia In Brief South Korean police have reportedly raided the premises of SK C&C, the operator of the datacenter that caught fire on the weekend of October 15 and disrupted the operations of local web giants Naver and Kakao.… | Data Breach | ||
|
2022-10-21 12:57:55 | Health System Data Breach Due To Meta Pixel Hits 3 Million Patients (lien direct) | In response to reports that Advocate Aurora Health, a 26-hospital healthcare system in Wisconsin and Illinois, is notifying its patients of a data breach that exposed the personal data of 3,000,000 patients, experts at cybersecurity firms offer the following comments. | Data Breach | ||
|
2022-10-21 05:23:28 | Healthcare system Advocate Aurora Health data breach potentially impacted 3M patients (lien direct) | >Healthcare system Advocate Aurora Health (AAH) disclosed a data breach that exposed the personal data of 3,000,000 patients. The US-based hospital healthcare system Advocate Aurora Health (AAH) disclosed a data breach that exposed the personal data of 3,000,000 patients. The company is notifying the impacted individuals. The healthcare system operates 26 hospitals in Wisconsin and […] | Data Breach | ||
 |
2022-10-20 17:29:09 | Top DOJ official "pleased" with multi-agency and branch response to courts data breach (lien direct) | >Deputy Assistant Attorney General for National Security Adam Hickey discussed the breach and the need to balance transparency with privacy related to sensitive material. | Data Breach | ||
 |
2022-10-20 11:21:30 | Health system data breach due to Meta Pixel hits 3 million patients (lien direct) | Advocate Aurora Health (AAH), a 26-hospital healthcare system in the states of Wisconsin and Illinois, is notifying its patients of an unintentional data breach that impacts 3,000,000 individuals. [...] | Data Breach | ||
 |
2022-10-20 05:05:00 | NatWest data breach whistleblower demands bank pay data controller fee to ICO (lien direct) | Advocate Aurora Health (AAH), a 26-hospital healthcare system in the states of Wisconsin and Illinois, is notifying its patients of an unintentional data breach that impacts 3,000,000 individuals. [...] | Data Breach | ||
|
2022-10-19 14:28:11 | Microsoft data breach exposes customers\' contact info, emails (lien direct) | Microsoft said today that some of its customers' sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet. [...] | Data Breach | ||
 |
2022-10-19 10:00:00 | Alarming attacks on Internet of Medical Things (IoMT) (lien direct) | This blog was written by an independent guest blogger. The impact of ransomware attacks on healthcare is as alarming as it is under-addressed. The United States healthcare system alone faces an annual burden of nearly $21 billion due to these attacks. It pays well over $100 million in ransoms, and is beginning to acknowledge the tragic realities of impacted patient care, including higher patient mortality rates. For every headline related to cyberattacks, there are likely hundreds more that go unreported. In a study released in 2021, IoT/IoMT devices were revealed to be the attack vector for 21% of ransomware attacks. In May 2022, CISA Senior Advisor Joshua Corman further documented the rising risks during a Senate HELP Committee hearing. And in August 2022, the Ponemon Institute and Ivanti’s partner Cynerio teamed to dive even deeper into the impact of insecure medical devices on hospitals and patients in their Insecurity of Connected Devices in Healthcare 2022 report. Statistics from the report show: 43% of respondents experienced at least one ransomware attack. 88% of cyberattacks involve an IoMT device. The average data breach cost is well over $1 million. Tragically, 24% of attacks result in increased mortality rates. Seven out of ten respondents (71%) believe that very high security risks are created by these otherwise overwhelmingly beneficial marvels of modern medicine. Recognition of risk is a step in the right direction, although it is unfortunately more of a talking point than one of action. Over half (54%) of respondents did not report senior management requiring assurances of properly addressed IoT/IoMT device risk. Even more concerning, two thirds (67%) don’t believe their devices are being patched in a timely manner - the most basic, widely accepted and often required action for nearly any healthcare environment. The current landscape of most hospitals - battling an epidemic with exhausted staff, strained resources, limited cybersecurity expertise and massive bullseyes - makes them easy targets. A consolidated effort to improve hospital security is needed; AT&T, in partnership with Ivanti Neurons for Healthcare, offers specific solutions to support risk reduction through actionable guidance. Reports demonstrate before-and-after security status, reflecting the improvements gained by taking action. Network segmentation recommendations integrate with existing NAC solutions, adding intelligence and visibility to the process. Dashboards quantify risks by device, manufacturer, hardware type, and OS, providing a strategy to fight cybercriminals who leave morbid results in their ceaseless drive for ransoms. In as little as five days, a proof of value engagement will demonstrate a reduction in risk for your healthcare organization. For more information about Ivanti Neurons for Healthcare, and how it can be part of a unified security approach with AT&T Cybersecurity visit us. There's also a nice e-book | Ransomware Data Breach Guideline | ||
 |
2022-10-18 13:21:02 | Toyota Data Breach Exposes Customer Data – What You Can Do to Protect Yourself (lien direct) | >
Automobile manufacturer Toyota recently announced a data breach that may have exposed the emails of up to 300,000 customers for...
|
Data Breach | ||
|
2022-10-18 12:53:05 | Keystone Health Data Breach Impacts 235,000 Patients (lien direct) | Pennsylvania healthcare provider Keystone Health has started informing patients of a data breach potentially impacting their personal information. | Data Breach | ||
|
2022-10-17 19:15:18 | Retail giant Woolworths discloses data breach of MyDeal online marketplace (lien direct) | >Australian retail giant Woolworths disclosed a data breach that impacted approximately 2.2 million MyDeal customers. Bad news for the customers of the MyDeal online marketplace, the Australian retail giant Woolworths disclosed a data breach that impacted approximately 2.2 million of them. As soon the company became aware of the security breach it blocked access to […] | Data Breach | ||
 |
2022-10-17 16:50:56 | Fashion brand SHEIN fined $1.9m for lying about data breach (lien direct) | Is "pay a small fine and keep on trading" a sufficient penalty for letting a breach happen, impeding an investigation, and hiding the truth? | Data Breach | ||
|
2022-10-17 16:16:01 | MyDeal data breach impacts 2.2M users, stolen data for sale online (lien direct) | Woolworths' MyDeal subsidiary has disclosed a data breach affecting 2.2 million customers, with the hacker trying to sell the stolen data on a hacker forum. [...] | Data Breach | ||
 |
2022-10-17 14:34:27 | Fine for Shein! Fashion site hit with $1.9 million bill after lying about data breach (lien direct) | The parent company of women's fashion site Shein has been fined $1.9 million after being accused of lying about the extent of data breach, and notifying "only a fraction" of affected customers. Read more in my article on the Hot for Security blog. | Data Breach | ||
|
2022-10-17 13:48:44 | Retail Giant Woolworths Discloses Data Breach Impacting 2.2 Million MyDeal Customers (lien direct) | Australian retail giant Woolworths revealed on Friday that a recent data breach has impacted the information of 2.2 million MyDeal customers. Woolworths acquired 80% of the MyDeal online marketplace in September, but says MyDeal systems are completely separate from its own systems, which have not been impacted by the incident. | Data Breach | ||
 |
2022-10-17 13:00:00 | 3 Ways EDR Can Stop Ransomware Attacks (lien direct) | >Ransomware attacks are on the rise. While these activities are low-risk and high-reward for criminal groups, their consequences can devastate their target organizations. According to the 2022 Cost of a Data Breach report, the average cost of a ransomware attack is $4.54 million, without including the cost of the ransom itself. Ransomware breaches also took […] | Ransomware Data Breach | ||
 |
2022-10-14 16:08:04 | Shein owner Zoetop fined $1.9m over data breach response (lien direct) | New York Attorney General Letitia James accuses Zoetop of lying about the extent of the 2018 attack. | Data Breach | ||
|
2022-10-14 16:00:00 | Shein Holding Company Fined $1.9m For Not Disclosing Data Breach (lien direct) | The data breach saw Zoetop allegedly trying to keep the real impact of the leak quiet | Data Breach | ||
|
2022-10-13 13:00:00 | How Do Data Breaches Impact Economic Instability? (lien direct) | >Geopolitical conflict, inflation, job market pressure, rising debt — we’ve been hearing about economic headwinds for a while now. Could data breaches have anything to do with this? According to a recent IBM report, the average cost of a data breach has reached an all-time high. Like any other business liability, these costs must be […] | Data Breach | ||
 |
2022-10-12 16:33:00 | 64,000 Additional Patients Impacted by Omnicell Data Breach - What is Your Data Breach Action Plan? (lien direct) | In April 2022, Omnicell reported a data breach affecting nearly 62,000 patients. The company has revealed that the incident has impacted an additional 64,000 individuals. This brings the total number of patients affected to over 126,000. Will you be the next victim like Omnicell? If you are overlooking the importance of data protection, attackers can get you in no time. Explore the impact of | Data Breach | ||
|
2022-10-12 15:00:00 | Singtel\'s Australian IT Firm Dialog Suffers Data Breach (lien direct) | The breach affected around 20 clients and 1000 current and/or former Dialog employees | Data Breach | ||
|
2022-10-11 11:04:00 | Toyota Discloses Data Breach Impacting Source Code, Customer Email Addresses (lien direct) | Japanese car manufacturer Toyota has disclosed a security incident that involved source code hosted on GitHub and which may have resulted in unauthorized access to roughly 300,000 customer email addresses. | Data Breach | ||
|
2022-10-11 10:00:00 | PCI DSS v4.0 (lien direct) | 2022 is the year that much of the world managed, to varying degrees of success, to get back to normal. People ramped up traveling, returned to in-person activities and many returned to the office. The pandemic changed most aspects of day-to-day life, but hackers and other bad actors generally continued making life difficult for businesses, governments, and non-profit entities. As a result, there have been some innovative new ways to target networks and IT infrastructures that keep CISOs and their teams up at night. A sample of those types of concerning threat vectors include Ransomware as a Service, targeting IOT/OT infrastructure, general supply chain attacks. Tried and true methods, like phishing, and targeting unpatched or outdated systems to find vulnerabilities also continued. Data shows that threats are increasing in volume and impact across every industry and government agency. The Cybersecurity and Infrastructure Security Agency (CISA) recently reported that 14 critical US sectors have been the subject to intense ransomware attacks and the FBI identified over 2,000 ransomware attacks between January and July of 2022. (source) CheckPoint estimates that 1 out of 40 organizations will be hit by a ransomware attack and 84% of those sees some amount of data exfiltration. IBM appraises the average cost of a data breach at $4.3M and the recovery time from such attacks is approximately 22 days. And with all of that said, the World Economic Forum still attributes 95% of all data breaches to human error. The cybersecurity industry is fighting back. The PCI Security Standards Council (PCI SSC) sorted through over 6,000 pieces of feedback from over 200 organizations, to help it create the new standard aimed at significantly reducing the success of these types of attacks in the future. On May 31, 2022, the PCI SSC released version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS). This provides an accepted baseline of technical and operational requirements designed to protect various types of user account data. The updated standard and Summary of Changes document are available now on the PCI SSC website. Version 4.0 is a significant update to the standard, so to enable organizations to understand the new requirements and plan, execute and test updates, the current version of 3.2.1 remains active through March 31, 2024. Assessors are undergoing training and certification for the new standard now, and once available, they will be able to assess to either the current or new standard, based upon the plans of the organization. The new standard had many expected updates based upon evolving payment card industry security needs. There are also changes to the frequency of expected effort, shifting from specific durations between work to the idea that security is a continuous process. The stated goals for PCI DSS v4.0 are as follows: Continue to Meet the Security Needs of the Payment Industry; Promote Security as Continuous Process; Add Flexibility for Different Meth | Ransomware Data Breach Tool Vulnerability Threat Guideline | ||
|
2022-10-11 04:57:05 | Optus data breach prompts pincer movement of twin regulatory probes (lien direct) | Data retention requirements to be considered alongside infosec failings Australian carrier Optus's recent data breach will be investigated by two regulators, the double trouble likely an indicator of the nation's displeasure at the incident – which saw almost ten million locals' personal data exposed online.… | Data Breach | ★★★ | |
|
2022-10-10 13:52:31 | State Bar of Georgia Confirms Data Breach Following Ransomware Attack (lien direct) | The State Bar of Georgia was hit by a ransomware attack earlier this year and the organization has now confirmed that member and employee information was compromised. | Ransomware Data Breach | ||
|
2022-10-10 13:29:07 | Optus Parent Company Singtel Now Also Confirms Data Breaches (lien direct) | Just weeks after Optus disclosed that the data of 10 million users had been exposed in a data breach, its parent company, Singtel, is coping with two of its own data intrusions, according to The Guardian. Singtel acknowledged that information taken from Singtel in a 2020 cyber-attack appeared in a post on a data breach forum […] | Data Breach | ||
 |
2022-10-07 19:20:30 | The Uber Data Breach Conviction Shows Security Execs What Not to Do (lien direct) | Former Uber security chief Joe Sullivan's conviction is a rare criminal consequence for an executive's handling of a hack. | Data Breach | Uber Uber | |
|
2022-10-07 11:16:52 | Industry Reactions to Conviction of Former Uber CSO Joe Sullivan: Feedback Friday (lien direct) | Former Uber security chief Joe Sullivan has been found guilty by a jury over his role in covering up a massive data breach suffered by the ride sharing giant in 2016. | Data Breach | Uber Uber | |
 |
2022-10-06 21:39:45 | Former Uber CSO found guilty of obstruction in attempted data breach cover-up (lien direct) | Joe Sullivan schemed to hide a 2016 breach of 57 million users' information shortly after he was hired. | Data Breach | Uber Uber | |
 |
2022-10-06 17:00:00 | 5 Questions To Ask When Evaluating a Penetration Testing Company (lien direct) |
Whether your organization has been the victim of a recent data breach or your organization has never had expert penetration testing done before, it's probably time to call in cybersecurity experts. The right cybersecurity company can help you identify the strengths and weaknesses of your networks and systems so you can improve the security posture of your organization and stay one step ahead of threat actors. |
Data Breach Threat | ||
|
2022-10-06 15:00:00 | (Déjà vu) Uber\'s Former Security Chief Convicted of 2016 Data Breach Cover-Up (lien direct) | Joe Sullivan was charged two years ago with obstruction of justice and misprision | Data Breach | Uber | |
|
2022-10-06 13:55:00 | 19-Year-Old Teen Arrested for Using Leaked Optus Breach Data in SMS Scam (lien direct) | The Australian Federal Police (AFP) has arrested a 19-year-old teen from Sydney for allegedly attempting to leverage the data leaked following the Optus data breach late last month to extort victims. The suspect is said to have carried out a text message blackmail scam, demanding that the recipients transfer $2,000 to a bank account or risk getting their personal information misused for | Data Breach | ||
|
2022-10-06 13:18:28 | City of Tucson Data Breach impacted 123,500 individuals (lien direct) | >The City of Tucson, Arizona disclosed a data breach, the incident was discovered in May 2022 and impacted 123,500 individuals. The security breach was discovered at the end of May 2022 and concluded the investigation in September. According to the notification letter sample provided to the Maine Attorney General's Office, over 123,500 were impacted have been impacted […] | Data Breach | ||
|
2022-10-06 13:16:00 | Guilty verdict in the Uber breach case makes personal liability real for CISOs (lien direct) | Yesterday, a federal jury handed down a guilty verdict to Joe Sullivan, the former CSO on charges of “obstruction of the proceedings of the Federal Trade Commission and misprision of felony in connection with the attempted cover-up of a 2016 hack at Uber” according to a notice published by the Department of Justice (DOJ).US Attorney Stephanie Hinds, upon learning of the verdict, admonished companies that are storing data as to their responsibility to also “protect that data and to alert customers and appropriate authorities when such data is stolen by hackers. Sullivan affirmatively worked to hide the data breach from the Federal Trade Commission (FTC) and took steps to prevent the hackers from being caught. We will not tolerate the concealment of important information from the public by corporate executives more interested in protecting their reputation and that of their employers than in protecting users. Where such conduct violates the federal law, it will be prosecuted.”To read this article in full, please click here | Data Breach Hack | Uber Uber | |
|
2022-10-06 12:27:00 | Former Uber Security Chief Found Guilty of Data Breach Coverup (lien direct) | A U.S. federal court jury has found former Uber Chief Security Officer Joseph Sullivan guilty of not disclosing a 2016 breach of customer and driver records to regulators and attempting to cover up the incident. Sullivan has been convicted on two counts: One for obstructing justice by not reporting the incident and another for misprision. He faces a maximum of five years in prison for the | Data Breach | Uber Uber | |
|
2022-10-06 11:37:12 | Personal Information of 123K Individuals Exposed in City of Tucson Data Breach (lien direct) | The City of Tucson, Arizona, is notifying roughly 123,000 individuals that their personal information was compromised in a recent data breach. The incident was identified at the end of May 2022, but the city concluded its investigation only last month. | Data Breach | ||
|
2022-10-06 10:59:08 | 19-Year-Old man arrested for misusing leaked record from Optus Breach (lien direct) | >The Australian Federal Police (AFP) arrested a 19-year-old teen from Sydney for attempting to use data from the Optus data breach in SMS scams. The Australian Federal Police (AFP) has arrested a 19-year-old teen from Sydney for allegedly attempting to use data leaked after the Optus data breach in a fraudulent scheme aimed at extorting […] | Data Breach | ||
|
2022-10-05 21:49:24 | Former Uber CISO Joe Sullivan Found Guilty Over Breach Cover-Up (lien direct) | 
A San Francisco jury on Wednesday found former Uber security chief Joe Sullivan guilty of covering up a 2016 data breach and concealing information on a felony from law enforcement.
|
Data Breach | Uber Uber | |
|
2022-10-05 18:00:00 | Telstra Telecom Suffers Data Breach Potentially Exposing Employee Information (lien direct) | Australia's largest telecommunications company Telstra disclosed that it was the victim of a data breach through a third-party, nearly two weeks after Optus reported a breach of its own. "There has been no breach of Telstra's systems," Narelle Devine, the company's chief information security officer for the Asia Pacific region, said. "And no customer account data was involved." It | Data Breach | ||
|
2022-10-05 14:58:33 | Telstra Telecom discloses data breach impacting former and current employees (lien direct) | >Bad news for the Australian telecommunications industry, the largest company in the country Telstra suffered a data breach. Australia’s largest telecommunications company Telstra disclosed a data breach through a third-party supplier. The company pointed out that its systems have not been breached, the security breach impacted a third-party supplier that previously provided a now-obsolete Telstra […] | Data Breach | ||
 |
2022-10-05 14:00:42 | Hyper-Personalized Data Breach Risk Intelligence (lien direct) | >
On average, five data breaches happen every day. Nearly 300 million individuals had their data compromised in 2021. Learn how Sontiq's BreachIQ™ protects the financial health of consumers and businesses. Download Now
|
Data Breach | ||
|
2022-10-05 13:21:19 | City of Tucson discloses data breach affecting over 125,000 people (lien direct) | The City of Tucson, Arizona, has disclosed a data breach affecting the personal information of more than 125,000 individuals. [...] | Data Breach |
To see everything:
Our RSS (filtrered)
