Data Breaches News, Articles and Updates

UK public won't trust a breached company yet fail to protect their own data

70 percent of people say that they would stop doing business with companies following a data breach, but they are about to be engulfed in data breach reality with GDPR breach reporting, as under-reporting of breaches is huge.

News feature: Simulated attack, lessons learned on all sides

Learning by doing. If you don't have - and practice - a breach recovery plan, then a simulation exercise can demonstrate why you should have one, identify your weak spots, and encourage you to take action to plug the holes.

The problem with your inherited legacy systems

Most breaches we become aware of are caused by failure to update software components that are known to be vulnerable for months or even years.

Study: Organisations suffer critical & costly IT incidents 5 times a month

Organisations experience a critical IT incident five times per month, with each costing £108,000, according to a new report based on a study conducted by research firm Quocirca on behalf of big-data company Splunk.

Full Disk Encryption (FDE) - getting off on the right foot protecting data

Deploying BitLocker is only a start to effective full disk encryption, explains Mark Hickman, adding that on-demand encryption/decryption must be made easy, even transparent, for employees, or they will look for hacks.

The minimum you need to do before GDPR goes live: 4 stages to compliance

GDPR: It's important to put data intelligence tools in place that will allow you not only to conduct an audit of the data you have collected in the past but also to address compliance in the future, says Rob Perry.

Data security lessons from the Swedish Transport Agency breach

Ben Rafferty says one positive thing that can be taken from the Swedish Transport Agency outsourcing blunder is that your company can use this disaster to start a conversation about your own data handling and protection strategies.

How the next cyber breach could cost you 4% of revenues: Defensive options

Itay Glick runs through some of the protections and their effectiveness against becoming not just the victim of a data breach, but also an early casualty of swingeing GDPR fines.

Researchers find 7 percent of all Amazon S3 servers exposed

A recent study by SkyHigh Networks found seven percent of all Amazon S3 servers are exposed, which may explain a recent surge of data leaks in the last few months, including the information on 198 million American voters.

Managing data security in a multi-cloud environment: control & compliance

As organisations continue to embrace the benefits offered by diverse multi-cloud environments, it's essential that they're aware of how best to achieve both compliance and control, says Peter Galvin.

Coming, ready or not: The cost of GDPR non-compliance

Implementation of GDPR could potentially spell the end of almost one in five European businesses, says Petter Nordwall, particularly if regulators come out swinging and impose maximum fines for data breaches.

Trapping to hunting: intelligent analysis of anomalies to detect compromises

One of the goals of Breach Detection Systems is to provide the most effective automated detection with minimal false positives, because excessive false positives cause "fatigue" in the incident responder, explains Dr. Giovanni Vigna.

100% of breached PCI certified companies failed PCI compliance audit

PCI DSS compliance doesn't guarantee security, but half of PCI certified companies aren't compliant, which does indicate vulnerability to cyber-attack. "It's not a project, it's a programme - something you need to maintain."

HBO breach accomplished with hard work by hacker, poor security practices by victim

Cyber-security executives are speculating the HBO hack by "Mr. Smith" was the result of the intruder putting in a tremendous amount of effort to infiltrate the entertainment giant.

Steganography attacks - using code hidden in images - increasing

Attacks using code hidden in pictures are difficult to detect and increasing in frequency, but protective measures will get better, say researchers.

UniCredit Bank's third party leads to hack on 400,000 clients

An attack on Italian bank UniCredit has led to the accounts of 400,000 loan customers being accessed.

ICYMI: Home IoT; £40 bn attack bill; Bupa leak; malware duo; Dow Jones

In Case You Missed It: IoT home vulnerability; Cyber attacks cost £40 bn; Bupa insider data leak; dual malware vectors; Dow Jones data at risk

£23 million in Ethereum coins stolen from vulnerable multi-sig wallets

Vulnerabilities in the wallet.sol Ethereum wallet led to the theft of millions of pounds worth of the cryptocurrency by hackers.

Lloyd's of London: Major global cyber-attacks could cost £40 billion

Lloyd's of London has come through with a new report that will provide great clarity to cyber insurers.

Insider at healthcare giant BUPA Global leaks 547,000 customer records

An insider has compromised health insurance company BUPA, exposing the records of 547,000 customers.

Verizon 3rd party data security vendor exposes six million accounts

A Verizon third party vendor's misconfiguration of a storage repository left the data of a potential six million customers out in the open last month.

What Breach? AA fails to alert customers after server leaks card data

Though the AA's shop was reportedly leaking payment card data, the motoring association did not alert customers.

As SME games company is fined 60k, ICO promises that none will be spared

A Northamptonshire games company has been fined as an example that any company, big or small, that breaks the rules will be dealt with accordingly, says the ICO.

Unprotected web applications: The new security frontier. So reprioritise

Oliver Pinson-Roxburgh discusses the latest trend regarding data breaches as observed by Verizon; namely, the targeting of web applications in data breaches.

Microsoft: CheckPoint research overestimates global Fireball epidemic

Microsoft has cast doubt on a CheckPoint report earlier this month which said that a piece of adware has infected nine percent of networks globally.

Anthem to pay out "largest settlement ever" for 2015 data breach

The US' second largest health insurer is to pay out the largest settlement ever for a data breach.

MPs and Virgin Media customers both caught in password snafu

It would appear both need a lesson on password-hygiene: government ministers are re-using government credentials for social media accounts, and Virgin Media customers aren't changing their default router password.

Bad habits put UK SMEs at risk of data breaches and unauthorised use

Ten percent of small business owners and employees in the UK admit to having poor security habits. The surveyed individuals admitted to regularly sharing confidential files on personal devices or sending documents to their personal emails rather than work emails.

Update: University College London fights off ransomware infection

One of London's most prestigious universities is fighting off a ransomware infection, according to its information security team.

Verizon closes Yahoo deal for $4.48 billion after long, bumpy road

Verizon has finally acquired Yahoo, at a discounted price, after a deal marred by the admission that Yahoo had been subject to two of the largest breaches ever recorded.