breaches
-
Blog
Nearly all of the top US banks were impacted by third party breaches last year
Virtually all of the top 100 US banks were hit by third party data breaches last year, including every one of the top ten. Research from SecurityScorecard found 97% of firms reported third-party breaches across the year, although only 6% of vendors were compromised. A similar number also suffered fourth-party breaches, traced back to just 2% of vendors. Ryan Sherstobitoff,…
Read More » -
Blog
Texas medical school notifies 1.5 million people of two data breaches that compromised SSNs, medical records, and financial info
Texas Tech University Health Sciences Center over the weekend confirmed it notified almost 1.5 million people about two data breaches that occurred in September. The medical school notified 650,000 people following a breach at the main TTUHSC campus in Lubbock, Texas, and 815,000 people for another breach at the school’s El Paso branch. The following patient info was compromised: Names…
Read More » -
Blog
Warning issued after Chinese hacker group breaches telco firms in “dozens of countries”
A senior national security adviser in the Biden Administration has warned that a Chinese state-sponsored hacking group has breached telecommunications firms in “dozens of countries”. Anne Neuberger, President Biden’s deputy national security adviser, said the campaign attributed to the threat actor known as Salt Typhoon is ongoing, and has breached at least eight US telcos, according to reporting in the…
Read More » -
Blog
US shares tips to block hackers behind recent telecom breaches
CISA released guidance today to help network defenders harden their systems against attacks coordinated by the Salt Typhoon Chinese threat group that breached multiple major global telecommunications providers earlier this year. The U.S. cybersecurity agency and the FBI confirmed the breaches in late October after reports that Salt Typhoon breached multiple broadband providers, including AT&T, T-Mobile, Verizon, and Lumen Technologies.…
Read More » -
Blog
T-Mobile confirms it was hacked in recent wave of telecom breaches
T-Mobile confirms it was hacked in the wave of recently reported telecom breaches conducted by Chinese threat actors to gain access to private communications, call records, and law enforcement information requests. “T-Mobile is closely monitoring this industry-wide attack, and at this time, T-Mobile systems and data have not been impacted in any significant way, and we have no evidence of impacts…
Read More » -
Blog
Cisco says DevHub site leak won’t enable future breaches
Cisco says that non-public files recently downloaded by a threat actor from a misconfigured public-facing DevHub portal don’t contain information that could be exploited in future breaches of the company’s systems. While analyzing the exposed documents, the company found that their contents include data that Cisco publishes for customers and other DevHub users. However, files that shouldn’t have been made…
Read More » -
Blog
LinkedIn fined €310 million for GDPR breaches
Ireland’s Data Protection Commission (DPC) has hit LinkedIn with a €310 million fine after ruling it misused personal data for behavioral analysis and targeted advertising. The ruling follows a complaint submitted to the French data protection authority in 2018 by privacy non-profit La Quadrature Du Net, and later referred to the DPC as the lead supervisory authority for LinkedIn. The…
Read More » -
Blog
SEC charges tech companies for downplaying SolarWinds breaches
The SEC has charged four companies—Unisys Corp, Avaya Holdings, Check Point Software, and Mimecast—for allegedly misleading investors about the impact of their breaches during the massive 2020 SolarWinds Orion hack. “The Securities and Exchange Commission today charged four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited – with making materially…
Read More » -
Blog
Marriott’s FTC charge underlines danger of ‘inheriting’ data breaches during acquisitions
Marriott International has agreed to settle $52 million in penalty charges brought by the federal trade commission (FTC) after suffering multiple breaches over the last ten years. The hotel chain has suffered a number of cybersecurity incidents in recent years, but the initial breach is reported to have originated from Marriott’s subsidiary Starwood Hotels, which it acquired in 2016. As…
Read More » -
Blog
Marriott settles with FTC, to pay $52 million over data breaches
Marriott International and its subsidiary Starwood Hotels will pay $52 million and create a comprehensive information security program as part of settlements for data breaches that impacted over 344 million customers. The settlement requires Marriott and Starwood to implement a comprehensive security program and allow their U.S. customers to request personal data deletions. Additionally, the American hospitality giant has agreed to…
Read More »