Data Breaches News, Articles and Updates

MPs and Virgin Media customers both caught in password snafu

It would appear both need a lesson on password-hygiene: government ministers are re-using government credentials for social media accounts, and Virgin Media customers aren't changing their default router password.

Bad habits put UK SMEs at risk of data breaches and unauthorised use

Ten percent of small business owners and employees in the UK admit to having poor security habits. The surveyed individuals admitted to regularly sharing confidential files on personal devices or sending documents to their personal emails rather than work emails.

Update: University College London fights off ransomware infection

One of London's most prestigious universities is fighting off a ransomware infection, according to its information security team.

Verizon closes Yahoo deal for $4.48 billion after long, bumpy road

Verizon has finally acquired Yahoo, at a discounted price, after a deal marred by the admission that Yahoo had been subject to two of the largest breaches ever recorded.

UK's Privacy watchdog Heartbleeds Gloucester City council for £100k

Gloucester City Council must pay £100,000 to the Information Commissioner after it fell victim to the HeartBleed vulnerability, months after it had been patched.

Apple contractors based in China caught selling customer data

Authorities in China have unmasked a massive underground market where Apple contractors were selling user data of Apple's Chinese customers.

Hackers post plastic surgery clinic's patient files after blackmail campaign

Hackers on Tuesday publicly posted more than 25,000 files and private images stolen from a Lithuanian plastic surgery clinic

Russian closer to extradition for accusations of LinkedIn and Dropbox hacks

A Russian accused by the FBI of hacking into a number of US companies is a step closer to extradition from the Czech Republic.

Over 560 million breached account credentials curated in 'Combo List'

Kromtech researcher finds massive database of account credentials collated and curated from previously published data breaches.

UK consumers have lost trust in businesses that mishandle data

Two-thirds of the UK public have lost trust in or even boycotted businesses that mishandle data.

The data breach as a non-event: minimising the impact of the inevitable

Intrusions by hackers are all but inevitable, but Matt Little says organisations can minimise the damage from a breach by encrypting their proprietary information and customer data.

Brooks Brothers breach in payment card palaver for a year

The clothing retailer has had payment card malware harvesting customer details for nearly a year.

UK and US businesses overconfident in preparedness of data breaches

Despite most UK and US businesses reporting cyber-security breaches in the last year, large numbers of them overestimate their readiness to fight breaches.

The ABTA cyber-breach: the importance of strong SLAs in the run up to GDPR

Jon Lucas explores the security features that organisations should look for when entrusting their data to managed service providers.

Guardian Soulmates get bawdy spam as third-party error exposes data

The users of Guardian Soulmates have gotten the Ashley Madison treatment as an exposure of user data has led to a series of users receiving lascivious spam emails.

Breach of UK's Debenhams site impacts 26,000 consumers

The Flowers website of Debenhams, the UK's largest department store chain (in outlet numbers), was hit with a breach.

Election hack? "Could've been China," Trump says

"Could've been China, could've been a lot of different groups," the US president said.

Duo pleads guilty in TalkTalk breach

Two men were convicted in the UK for the 2015 TalkTalk breach after admitting their part in the attack that affected 160,000 customers.

Financial services sector most attacked in 2016

IBM's X-Force Research Team has found that cyber-criminals follow Willie Sutton's old-school, analog advice on why to rob banks because "that is where the money is."

Russian hacker handed 27 years, 'longest sentence ever', in US courts

Roman Seleznev, a Russian born master hacker, has been sentenced to 27 years in prison for the unprecedented scale of his financial crimes.

Has this new Black Duck report sunk Linus's Law once and for all?

Black Duck's new report showcasing widespread vulnerabilities in open source software challenges the widely and tightly held belief in Linus' law.

Hotel chain giant card payment breach could have 'over 1000' locations

A breach on the card systems of a major international hotel chain looks much larger than initially expected.

1.7M Snapchat user details allegedly posted in India

After alleged comments from Snapchat CEO Evan Spiegel appeared in Variety, hackers in India, as yet unidentified, took the disparaging remarks personally and in an apparent act of revenge claimed to have posted personal details of 1.7 million Snapchat users online.

Update to RingGo app leaves thousands of UK drivers' data exposed

An update to car parking payment app "RingGo" has led to the exposure of the personal details of thousands of UK drivers.

Hackers compromise third-party vendor Amazon accounts

The threat actors have reportedly changed the bank-deposit information on the compromised accounts to steal thousands from the users.

Gemalto Breach Level Index: 1.4bn data records compromised in 2016

Almost 1.4 billion data records compromised in 2016 as hackers targeted large-scale databases across multiple industries.

Sports Direct and the data breach - a tale of destroyed trust

Brian Vecci discusses last year's Sports Direct data breach and how the company has been accused of failing to tell its employees that their personal details may have been accessed by a hacker.

New York data breaches rise by 60% due to hacking and insiders

The New York attorney general has announced a large rise in reported data breaches over 2016.

Accounts switched around as Three mobile customers report new breaches

Three Mobile customers of Three UK are reporting logging into their accounts only to find the information of complete strangers.

IT admin sued by ex-employer for alleged malicious insider data theft

One IT administrator is being sued by a former employer for allegedly accessing the company's networks in his new job to gain some kind of competitive advantage.