Data Breaches News, Articles and Updates

Data security lessons from the Swedish Transport Agency breach

Ben Rafferty says one positive thing that can be taken from the Swedish Transport Agency outsourcing blunder is that your company can use this disaster to start a conversation about your own data handling and protection strategies.

How the next cyber breach could cost you 4% of revenues: Defensive options

Itay Glick runs through some of the protections and their effectiveness against becoming not just the victim of a data breach, but also an early casualty of swinging GDPR fines.

Researchers find 7 percent of all Amazon S3 servers exposed

A recent study by SkyHigh Networks found seven percent of all Amazon S3 servers are exposed which may explain a recent surge of data leaks in the last few months including the information on 198 million American voters.

Managing data security in a multi-cloud environment: control & compliance

As organisations continue to embrace the benefits offered by diverse multi-cloud environments, it's essential that they're aware of how best to achieve both compliance and control says Peter Galvin.

Coming, ready or not: The cost of GDPR non-compliance

Implementation of GDPR could potentially spell the end of almost one in five European businesses says Petter Nordwall, particularly if regulators come out swinging and impose maximum fines for data breaches.

Trapping to hunting: intelligent analysis of anomalies to detect compromises

One of the goals of Breach Detection Systems is to provide the most effective automated detection with minimal false positives, because excessive false positives cause "fatigue" in the incident responder explains Dr. Giovanni Vigna

100% of breached PCI certified companies failed PCI compliance audit

PCI DSS compliance doesn't guarantee security, but half of PCI certified companies aren't compliant which does indicate vulnerability to cyber-attack. "It's not a project, it's a programme - something you need to maintain."

HBO breach accomplished with hard work by hacker, poor security practices by victim

Cyber-security executives are speculating the HBO hack by "Mr. Smith" was the result of the intruder putting in a tremendous amount of effort to infiltrate the entertainment giant.

Steganography attacks - using code hidden in images - increasing

Attacks using code hidden in pictures are difficult to detect and increasing in frequency but protective measures will get better say researchers.

UniCredit Bank's third party leads to hack on 400,000 clients

An attack on Italian bank, UniCredit, has led to the accounts of 400,000 loan customers being accessed.

ICYMI: Home IoT; £40 bn attack bill; Bupa leak; malware duo; Dow Jones

In Case You Missed It: IoT home vulnerability; Cyber attacks cost £40 bn; Bupa insider data leak; dual malware vectors; Dow Jones data at risk

£23 million in Ethereum coins stolen from vulnerable multi-sig wallets

Vulnerabilities in the wallet.sol Ethereum wallet led to the theft of millions of pounds worth of the cryptocurrency by hackers.

Lloyd's of London: Major global cyber-attacks could cost £40 billion

Lloyd's of London has come through with a new report that will provide great clarity to cyber insurers

Insider at healthcare giant BUPA Global leaks 547,000 customer records

An insider has compromised health insurance company BUPA, exposing the records of 547,000 customers.

Verizon 3rd party data security vendor exposes six million accounts

A Verizon third party vendor's misconfiguration a storage repository left the data of a potential six million customers out in the open last month.

What Breach? AA fails to alert customers after server leaks card data

Though the AA's shop was reportedly leaking payment card data, the motoring association did not alert customers.

As SME games company is fined 60k, ICO promises that none will be spared

A Northamptonshire games company has been fined, as an example that any, big or small, who break the rules will be dealt with accordingly says ICO.

Unprotected web applications: The new security frontier. So reprioritise

Oliver Pinson-Roxburgh discusses the latest trend regarding data breaches as observed by Verizon; namely, the targeting of web applications in data breaches.

Microsoft: CheckPoint research overestimates global Fireball epidemic

Microsoft has cast doubt on a CheckPoint report earlier this month which said that a piece of adware has infected nine percent of networks globally.

Anthem to pay out "largest settlement ever" for 2015 data breach

The US' second largest health insurer is to pay out the largest settlement ever for a data breach.

MPs and Virgin Media customers both caught in password snafu

It would appear both need a lesson on password-hygiene: government ministers are re-using government credentials for social media accounts, and Virgin Media customers aren't changing their default router password.

Bad habits put UK SMEs at risk of data breaches and unauthorised use

Ten percent of small business owners and employees in the UK admit to having poor security habits. The surveyed individuals admitted to regularly sharing confidential files on personal devices or sending documents to their personal emails rather than work emails.

Update: University College London fights off ransomware infection

One of London's most prestigious universities is fighting off a ransomware infection, according to its information security team.

Verizon closes Yahoo deal for $4.48 billion after long, bumpy road

Verizon has finally acquired Yahoo, at a discounted price, after a deal marred by the admission that Yahoo had been subject to two of the largest breaches ever recorded.

UK's Privacy watchdog Heartbleeds Gloucester City council for £100k

Gloucester City Council must pay £100,000 to the Information Commissioner after it fell victim to the HeartBleed vulnerability, months after it had been patched.

Apple contractors based in China caught selling customer data

Authorities in China have unmasked a massive underground market where Apple contractors were selling user data of Apple's Chinese customers.

Hackers post plastic surgery clinic's patient files after blackmail campaign

Hackers on Tuesday publicly posted more than 25,000 files and private images stolen from a Lithuanian plastic surgery clinic

Russian closer to extradition for accusations of LinkedIn and Dropbox hacks

A Russian accused by the FBI of hacking into a number of US companies is a step closer to extradition from the Czech Republic.

Over 560 million breached account credentials curated in 'Combo List'

Kromtech researcher finds massive database of account credentials collated and curated from previously published data breaches.

UK consumers have lost trust in businesses that mishandle data

Two-thirds of the UK public have lost trust in or even boycotted businesses that mishandle data.