Breaches: Page 4
-
gorodenkoff via Getty Images
With Sisense compromise, the race begins to understand the impact
CISA is working with private industry partners to investigate the attack on the data analytics platform with particular concern about the impact on critical infrastructure.
By David Jones • April 12, 2024 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA assessing threat to federal agencies from Microsoft adversary Midnight Blizzard
Microsoft previously warned that the Russia-linked threat group was expanding malicious activity following the hack of senior company executives, which it disclosed in January.
By David Jones • April 5, 2024 -
Jeenah Moon via Getty Images
Microsoft Exchange state-linked hack entirely preventable, cyber review board finds
The technology giant’s corporate culture fell short on security investments and risk management, and needs significant reforms, according to a damning report by the U.S. Cyber Safety Review Board.
By David Jones • April 3, 2024 -
Justin Sullivan / Staff via Getty Images
AT&T hit with class action suit over massive data breach
The breach was a “direct result” of AT&T’s failure to implement adequate cybersecurity procedures, the suit alleges.
By Alexei Alexis • April 2, 2024 -
Schweikert, John. (2022). [Photograph]. Retrieved from U.S. Courts.
Change Healthcare faces potential class action as lawsuits rack up
At least six federal lawsuits seeking class-action status were filed since the cyberattack, alleging the technology firm didn’t have reasonable cybersecurity measures.
By Emily Olsen • March 8, 2024 -
GOCMEN via Getty Images
Fidelity Investments Life Insurance says customer data breach linked to third-party hack
The incident at Infosys McCamish also led to a data breach of more than 57,000 Bank of America customers.
By David Jones • March 8, 2024 -
TU IS via Getty Images
Amex cardholder data exposed in merchant processor hack
The point-of-sale attack on a merchant processor may have compromised card numbers, expiration dates and cardholder names, Amex said in a state regulatory filing.
By Caitlin Mullen • March 5, 2024 -
Davis Turner/Stringer via Getty Images
Bank of America customer data exposed in IT provider breach
Infosys McCamish Systems, which works closely with the lender, was impacted by the cybersecurity incident in November that exposed customer Social Security numbers and other account information.
By Rajashree Chakravarty , Naomi Eide • Feb. 13, 2024 -
Alex Wong via Getty Images
HHS settles cybersecurity investigation with Montefiore Medical Center
The nonprofit will pay $4.75 million to settle allegations that data security failures allowed an employee to steal and sell the protected health information of thousands of patients.
By Emily Olsen • Feb. 8, 2024 -
Zephyr18 via Getty Images
Mortgage industry attack spree punctuates common errors
Attacks against Mr. Cooper Group, Fidelity National Financial, First American Financial and loanDepot impacted operations and put customers in a bind.
By Matt Kapko • Feb. 6, 2024 -
Skynesher via Getty Images
AnyDesk initiates extensive credentials reset following cyberattack
The widely used remote access tool revoked all passwords to its web portal as researchers warn about potential theft of AnyDesk’s code signing certificate.
By Matt Kapko • Feb. 5, 2024 -
Courtesy of Cloudflare
Cloudflare hit by follow-on attack from previous Okta breach
A threat actor that previously intruded Cloudflare’s network through its Okta environment regained access with mistakenly unrotated credentials.
By Matt Kapko • Feb. 2, 2024 -
Retrieved from Progress Software on January 18, 2024
MOVEit liabilities mount for Progress Software
The company revealed multiple government investigations are underway into the MOVEit vulnerability. It’s also party to more than 100 class-action lawsuits.
By Matt Kapko • Jan. 30, 2024 -
“Schneider Electric Torgauer Straße auf dem EUREF-Campus Berlin-Schöneberg” by Igor Calzone1 is licensed under CC BY-SA 4.0
Schneider Electric hit by ransomware attack against its sustainability business division
Cactus ransomware reportedly claimed credit for the mid-January attack, and the company unit hopes to restore operations in the next couple of days.
By David Jones • Jan. 30, 2024 -
Courtesy of HPE
HPE hit by a monthslong cyberattack on its cloud-based email
The attack by Midnight Blizzard, the group that recently hit Microsoft, stole emails and data from HPE employees in cybersecurity and other business units.
By Matt Kapko • Jan. 25, 2024 -
TU IS via Getty Images
US data compromises surged to record high in 2023
Breached organizations are withholding critical information more often than ever, underscoring a trend toward opaque notices, the Identity Theft Resource Center said.
By Matt Kapko • Jan. 25, 2024 -
Daphne Howland/Cybersecurity Dive
VF Corp. cyberattack impacted 35.5M consumers
The North Face and Vans parent company originally reported the incident at the height of the holiday season.
By Kaarin Moore • Jan. 23, 2024 -
FangXiaNuo via Getty Images
The number of patient records exposed in data breaches doubled in 2023
Though the number of data breaches declined slightly from 2022, more than 116 million records were exposed last year, Fortified Health Security found.
By Emily Olsen • Jan. 18, 2024 -
DKosig via Getty Images
Wealthy countries boast superior cyber defenses
A nation’s economic prosperity is directly linked to greater defense capabilities, but no country is overachieving in cyber defense, according to SecurityScorecard.
By Matt Kapko • Jan. 17, 2024 -
Retrieved from Colorado State University on January 09, 2024
Deep DiveProgress Software’s MOVEit meltdown: uncovering the fallout
Businesses use the file-transfer service because it checks the compliance boxes for keeping data safe. Though initial attacks were targeted, thousands of bystanding businesses were hit indiscriminately.
By Matt Kapko , Julia Himmel • Jan. 16, 2024 -
JHVEPhoto via Getty Images
Fidelity National Financial cyberattack impacts up to 1.3M customers
While data was stolen and the company faces lawsuits, it does not consider the attack material to the business.
By David Jones • Jan. 10, 2024 -
Leon Neal via Getty Images
How to ensure data privacy in a ChatGPT world
CISOs and CIOs have to balance the need to restrict sensitive data from generative AI tools with the need for businesses to use these tools to improve processes and increase productivity.
By Sue Poremba • Jan. 9, 2024 -
guvendemir via Getty Images
LoanDepot caught in mortgage industry cyberattack spree
The non-bank mortgage lender is the fourth major real estate industry organization hit by a cyberattack since late October.
By Matt Kapko • Jan. 8, 2024 -
GOCMEN via Getty Images
Extent of a cyber specialist law firm’s data breach grows
A two-week long breach exposed a trove of highly sensitive information on Orrick’s clients. The pool of victims quadrupled between its July and December disclosures.
By Matt Kapko • Jan. 5, 2024 -
Getty Images via Getty Images
Xerox discloses a subsidiary’s breach following ransomware claim of data theft
Inc, a relatively new threat group, previously claimed to have stolen company data.
By David Jones • Jan. 3, 2024
Previous
