Pawnbroker chain Cash Converters is investigating a data security breach at its UK operations after receiving email threats of data release.
Enforcing authorisation directly at the data level can be incredibly powerful as it could mean minimal or no changes to the applications that are accessing the data itself says Jonas Iggbom.
Deloitte fell victim to a data breach that could have been prevented by having simple measures that are standard security protocols but businesses must not only focus on the basics, but also incorporate an innovative approach.
Seven in ten people in the UK are being put off recycling old and unused electrical products because of concerns about personal security data breaches.
Amazon is taking action to combat the recent wave of its Amazon S3 server being left misconfigured subsequently exposing potentially sensitive data.
Krack attackers need to be within range of the targeted Wi-Fi network, so widespread data loss is unlikely, but do add fixes when available as this vulnerability would allow anyone to read traffic from mobile and laptop to Wi-Fi devices.
Equifax was financially punished for the breach that allowed the personal data of 145.5 million of its customers to be compromised with revenue down 27 percent (£20 million) in the quarter and breach costs of £66.8 million.
The UEA has suffered another data breach; an email was sent to about 300 students in the social science faculty which included the personal health information of a member of staff, in a repeat use of a flaw not fixed previously.
Former Yahoo chief executive Marissa Mayer apologises for the two massive data breaches at Yahoo that occurred during her tenure and resulted in 3 billion credentials being stolen, blaming Russian agents for at least one of them.
Setting standard configurations based on industry best practices, and continuously monitoring for changes from that baseline enable quick identification of a misconfiguration that could be exploited and address it, before the breach.
The Queen's offshore accounts, Russian links to President Donald Trump's top administration officials among 13.4 million documents exposed in Paradise Papers. Legal and accounting firms can expect to be increasingly targeted.
Another misconfigured Amazon server has resulted in the exposure of personal data - this time on 50,000 Australian employees that were left unsecure by a third-party contractor.
Con Mallon advises, conduct a compromise assessment based on the assumption that you've already been compromised, then pick the right tools, processes, technology and intelligence to combat that threat.
Concerns around compromise increase among IT pros in the face of major breaches at even the most security aware organisations, highlighting muddled responses to softening perimeter.
It is possible that everyone in Malaysia may have had their mobile phone records stolen and put up for sale on the Dark Web.
When companies entrust proprietary data to external business partners, they inherently expose themselves to risk. And these risks often materialise into actual breach incidents warns Alvaro Hoyos.
A bug in T-Mobile's wsg.t-mobile.com API may have allowed attackers to access customer data that can be used to carry out phishing attacks or worse.
The UK Financial Conduct Authority (FCA) has opened an investigation into the massive Equifax data breach that exposed the personal information of almost 700,000 British citizens and 145.5 million worldwide.
The London Bridge Plastic Surgery and Aesthetic Clinic has confirmed in a posted statement that it had been hit with a cyber-attack and data was stolen. The clinic did not say exactly what types of information were compromised.
Russian dark web marketplace Ultimate Anonymity Services (UAS) is selling 35,000 compromised Remote Desktop Protocol servers, which criminals can use to anonymise themselves or access victims' networks.
Formatting old devices or deleting old information and selling it to third parties is common, says Sunil Chandna but data is not permanently removed and destruction or, preferably, true erasure of data is necessary.
The founder of a professional networking site was sentenced to a year and one day in prison after hacking into a competitor's database and attempting to sell his site to the same company whose database he hacked.
Ahead of GDPR, even minor breaches are now being reported, with the UK government agency, the Homes and Communities agency, notifying the ICO of a limited breach of its information security policy on Monday 9 October.
Under GDPR, organisations must notify customers and authorities of a breach within 72 hours of becoming aware of the attack. James Barrett suggests this will transform how breaches are handled, including by companies like Equifax.
Using machine data to monitor staff behaviours can identify potential PII breaches before they happen and avoid the huge fines that would follow once GDPR comes into effect says Matthias Maier
The vast Yahoo breach underscores importance of heeding risk factors, renews interest in GDPR-style legislation
Government organisations responsible for highly sensitive information must ensure that if they are trusting a third-party IT supplier, they have a comprehensive privileged access management strategy in place says Csaba Krasznay
GDPR calls for a documented, systematic approach to evaluating your security measures - including how you patch, but patching Open Source code has its own problems explains Matthew Jacobs and Daniel Hedley.
Debbie Garside says simple end-user error is the biggest risk you face when it comes to data. But instead of end users facing the sack for making honest mistakes employers should be putting systems in place that protect them.
Whole Foods Market, disclosed on Thursday that its has suffered a point-of-sale data breach that compromised the payment card information of customers who used its taprooms and full table-service restaurants.