12 May 2021

Hackers Stole Data On Nearly 200,000 Veterans Seeking Disability Benefits

An unprotected database containing private information on hundreds of thousands of U.S. veterans was found by Jeremiah Fowler last month. The security researcher discovered evidence that hackers may have stolen the data during a cyberattack. The database belonged to United Valor Solutions, based in North Carolina. The company provides disability

Read More
02 Apr 2021

Ubiquiti Shares Dive After Reportedly Downplaying ‘Catastrophic’ Data Breach

New York City- based IoT device maker Ubiquiti recently disclosed a data breach that was downplayed. After news of the catastrophic data breach, the shares of the company fell significantly this week. In January, Ubiquiti informed customers that unauthorized access to some IT systems hosted by a third-party cloud provider

Read More
01 Apr 2021

Booking.com Fined $558,000 for Late Breach Notification

Booking.com has been fined over half a million USD for failing to report a serious data breach within time limits set forth by the General Data Protection Regulation (GDPR). The company was aware of the breach back in 2019 when scammers targeted roughly 40 different employees at various hotels located

Read More
15 Feb 2021

US Court system demands massive changes to court documents after SolarWinds hack

The House Homeland Security Committee has demanded more transparency on what court officials know about the SolarWinds hackers’ access to sensitive filings. The effects of the massive espionage operation could make accessing documents harder for lawyers, the lawmakers say. The Senators are seeking more information about the attackers’ infiltration of

Read More
27 Jan 2021

More Cybersecurity Firms Confirm Being Hit by SolarWinds Hack

Two more companies, Mimecast and Qualys, have emerged in the SolarWinds breach, claiming that they were targeted by the same threat actor that breached the IT management solutions provider SolarWinds. The attack was a sophisticated supply chain hack that eventually went on to install backdoors in US agencies’ systems. Fidelis

Read More
22 Jan 2021

Einstein Healthcare Network Announces August Breach

Einstein Health Network is a Pennsylvania based health care company offering services such as medical rehab, outpatient and primary care centers. The organization recently announced a breach in which an authorized person was able to gain access to sensitive information and emails. Einstein has known about the breach since August

Read More
20 Jan 2021

The aftermath of the SolarWinds breach: Organizations need to be more vigilant

In the wake of the SolarWinds breach in which several key US agencies were hacked in an espionage campaign likely perpetrated by Russian actors, security experts are voicing concerns regarding how organizations manage and implement cybersecurity best practices. It may be necessary for entities to change how they vet vendors

Read More
20 Mar 2020

Misconfigured Elasticsearch Instance Exposes More Than 5 Billion Records

An open Elasticsearch incident has reportedly exposed more than 5 billion records from 2012 to March 16, when the breach was discovered. The data in two of the collections is information on data breaches collected by a UK research firm over the course of the same time period. The data

Read More
06 Mar 2020

3 Data Breaches Disclosed This Week: J.Crew, T-Mobile, and Carnival

This week, a series of enterprise data breached were disclosed, effecting the companies T-Mobile, J.Crew, and Carnival Corp. The high toll this week underscored how cybercriminals have been targeting companies recently. J.Crew stated that its customers’ information was compromised, and email addresses and passwords were obtained by an unauthorized third

Read More
21 Jan 2020

GDPR: 160,000 data breaches reported already, so expect the big fines to follow

Since the implementation of Europe’s new digital privacy regulations, over 160,000 data breaches have been reported to authorities. An analyst at the law firm DLA Piper found that after the General Data Protection Regulation (GDPR) came into effect, the first eight months saw an average of 247 breach notifications per

Read More