From a recent article on Reuters: Government regulators are seemingly as numerous as the stars nowadays, especially in the universe of data incidents. When organizations experience a data incident, they will need to quickly assess what happened, why it happened, and who (e.g., clients, consumers, vendors, employees) was affected. They will also need to chart […]
InfoTechLead reports that Accenture said on Thursday that the US Justice Department is investigating its unit, Accenture Federal Services, over allegations that one or more employees gave inaccurate information concerning the unit’s compliance with federal security controls. The disclosure was made in an SEC filing: After Accenture Federal Services (“AFS”) made a voluntary disclosure to the U.S. […]
PA Media reports that Equifax UK was fined over a breach at the firm’s U.S. owner, Equifax, Inc. The UK’s financial watchdog has fined Equifax £11 million for its role in one of the largest cyber attacks, which affected more than 13 million British consumers in 2017. The credit rating giant failed to keep its […]
Bloomberg reports that “Scattered Spider” may also be responsible for the recent attack on Clorox: A notorious group of hackers blamed for recent breaches on major casino companies is also suspected of being behind a recent cyberattack against Clorox Co. that has led to a nationwide shortage of its cleaning products. Officials suspect that “Scattered Spider” is […]
Another day, another RICO class action? Courthouse News reports: Taxpayers slapped Meta, Google and H&R Block with a sprawling RICO class action Wednesday, claiming that a “shocking breach” coordinated by the companies resulted in scraping taxpayers’ private information for profit. In a 49-page complaint, the plaintiffs say the international firm H&R Block used customers’ private income […]
Over the weekend, a new ransomware group called Ransomed.vc claimed it compromised Sony. The original listing, which has since been replaced, listed a date of September 28, suggesting that if there was no resolution or payment by then, data would be leaked or sold. In an updated listing with a date of September 26, they […]
As an article in DarkReading highlights, it’s tempting to compare the incident responses by MGM Resorts and Caesars Entertainment to their recent cyberattacks because both are the same kind of entity and both were victims of the same threat actors (Scattered Spider/AlphV). But: Caesars quickly negotiated with the cyberattackers, and handed over a $15 million ransom payout, which […]
T-Mobile has had so many data breaches over the years that it’s somewhat understandable that people may rush to assume that something is a breach of their system when it was not. This week, we heard of two situations like that. The first involved customers reporting that after they logged in to T-Mobile’s app, they […]
When New York State Attorney General Letitia James announced a settlement with Marymount Manhattan College stemming from a data breach in 2021, some people discussing the case online were surprised that a state could go after a non-profit college that way, and they wondered if the state could get that kind of settlement with a […]
2023 Ponemon Healthcare Cybersecurity Report
In its second annual Study on Cyber Insecurity in Healthcare, Proofpoint sponsored a Ponemon survey of 653 IT and IT security practitioners to find out how much progress the industry has made in the past year. Here are just a few highlights from this year’s report: You can access the full report on Proofpoint’s website.