Data Breach News, Articles and Updates

Rate of data compromise revealed: 121 records per sec; defenders lagging

More data records have been breached in the first six months of 2017 than the whole of 2016. The Gemalto Breach Level Index reports that this amounts to an astonishing 121 records lost or stolen every second of every day.

Equifax hackers likely in network from March - 141 days before discovery

It took Equifax 141 days to discover a breach that exposed the data of 143 million US consumers with hackers likely accessing the credit monitoring firm's systems in March, a full two months before Equifax originally said they did.

Anti-virus collects data without user permissions & uses commercially

A free mobile anti-virus app developed by the DU group, a developer of Android apps, has been found to collect user data without the device owners' consent.

Apache Struts vulnerability led to earlier breach at Equifax

Equifax said a breach it discovered in March was not related to the second in September though the hackers were reportedly the same, and the same vulnerability in Apache Struts was exploited in both incidents.

Cloud providers must protect personally identifiable information

Protecting this data goes beyond your internal data governance processes says Jim Kaskade, it tests how well the business governs customer data beyond the firewall.

Equifax - UK impact 'minimal', Argentina hit, execs quit, Co culpable

Some people in the UK had their data exposed in the US Equifax breach, though UK systems were not hit; Argentina has been hit; senior execs have quit, industry slams company for not patching.

LinkedIn Premium accounts being used in phishing scam

Hackers are using the business-oriented LinkedIn social media site to send phishing InMails posing as a Wells Fargo document - the delivery method is to be trusted, but the content may not be.

New UK data protection bill to be published tomorrow

Tomorrow the UK's new Data Protection Bill is to be published as part of a multi-billion pound National Cyber Security Strategy

Lessons from the Equifax breach - take a data-centric approach

Data on the endpoint did for Equifax, which is why, among other lessons learnt from the recent breach, visibility is a priority says Rick McElroy.

Web App vulnerability enables Equifax breach affecting up to 143m in US

Cyber-criminals gained unauthorised access to Equifax files in a breach that could affect as many as 143 million consumers in the US, the company said Thursday.

Update: Free translation service denies report that it had a breach

It has been reported that a free online translation tool Translate.com which uses machine translation service Microsoft Translator, has suffered a major data breach, but the company has denied that it is a breach.

Top secret data on ex-US military personnel exposed on Amazon S3 server

The resumes of more than 9,000 former U.S. military personnel, many with top secret security clearance, were left exposed on an unsecured Amazon S3 server.

Pharma firms decline to report data breaches - some don't know how

A survey of more than 400 UK IT professionals in the UK pharmaceutical business found many do not report data breaches, in many cases because they do not know how.

ICYMI: Facebook malware; nude celeb hack; logons key; spambot; CeX hack

In Case You Missed It: Facebook spreads malware; Instagram celeb hack; Logon breach id key; Spambot weaponises 711 m accounts; CeX hacked

Instagram hack victims identified, details now for sale on darkweb

The 500 A-list celebrities whose Instagram accounts have been hacked, and whose contact details are for sale on the dark web, have now been identified.

Instagram API hacked, targeting verified celeb accounts for nude pix

Just two days after Selena Gomez's Instagram account was hacked to post leaked nude photos of Justin Bieber, the social media company confirmed it was hit by a cyber-attack targeting several high profile celebrities.

Spambot weaponises 711M accounts to spread Ursnif malware

A Paris-based security researcher, Benkow, spotted a massive spambot, dubbed Onliner, weaponising 711 million email and server accounts to distribute phishing emails laced with malware looking to steal user data.

CeX data breach - up to 2 million hit - and at risk of future scams

Today second hand games and electronics store CeX reported that it had been the victim of a massive data breach, issuing a statement to customers saying, "We have recently been subject to an online security breach."

Hackers leak more celeb nude pics - Dakota Johnson joins Miley Cyrus

Hackers leak more celeb nude pics - Dakota Johnson joins former sports couple Tiger Woods and Lindsey Vonn, actress Kristen Stewart, performers Miley Cyrus and Katharine McPhee, and model Stella Maxwell.

ICYMI: infected apps; LinkedIn; NHS breach; GPS spoofing; board training

In Case you missed it: Dodgy Google play apps again; Linkedin hit; NHS database breach; GPS spoofing US navy?; board training lacking

NHS 1.2 million patient name database hacked 'to expose weaknesses'

The NHS has suffered a data breach in its SwiftQueue appointment booking system whose database contains confidential records on up to 1.2 million people according to an exclusive report in the Sun tabloid newspaper.

ICYMI: Spyware; US data law; NSA tools hack; Games DDoS'd; Skills gap

In Case You Missed It: Spyware in 1,000 apps; US global data grab; NSA tools used to hack hotels; Warcraft DDoS'd; Students narrow skills gap

ICYMI: UK regs; AI weaponised?; Malwaretech; Mandiant; WiFi weak

In Case You Missed It: UK data protection; Is AI weaponised; Is Malwaretech; innocent?; Mandiant leak; WiFi vulnerabilities

Poor staff monitoring sees £100k fine for TalkTalk 21,000 record breach

The Information Commissioner's Office (ICO) fined TalkTalk Telecom Group PLC £100,000 because it did not have appropriate technical or organisational measures in place to keep personal data secure.

Hackers leak info stolen from Mandiant analyst, threaten similar attacks

"This leak was just a glimpse of how deep we breached into Mandiant, we might publish more critical data in the future," 31337's Pastebin message reportedly warned.

HBO hackers may have made off with 1.5 TB of data

The hackers who breached HBO and leaked episodes material allegedly from next week's Game of Thrones - with threats to leak more - may have stolen more than 1.5 Terabytes of data, equal to some 750 hours if true.