Security News

Intercontinental Exchange to pay $10M SEC penalty over VPN breach
2024-05-22 17:20

The Intercontinental Exchange will pay a $10 million penalty to settle charges brought by the U.S. Securities and Exchange Commission after failing to ensure its subsidiaries promptly reported an April 2021 VPN security breach. ICE is an American company listed on the Fortune 500 that owns and operates financial exchanges and clearing houses worldwide, including the New York Stock Exchange.

Confused by the SEC's IT security breach reporting rules? Read this
2024-05-22 16:30

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Western Sydney University data breach exposed student data
2024-05-21 19:39

Western Sydney University has notified students and academic staff about a data breach after threat actors breached its Microsoft 365 and Sharepoint environment. In an announcement posted on the Western Sydney University website today, the University warned that hackers had accessed its Microsoft Office 365 environment, including email accounts and SharePoint files.

OmniVision discloses data breach after 2023 ransomware attack
2024-05-20 20:51

The California-based imaging sensors manufacturer OmniVision is warning of a data breach after the company suffered a Cactus ransomware attack last year. On Friday, OmniVision informed the authorities in California of a security breach incident that lasted between September 4 and September 30, 2023, when its systems were encrypted by ransomware.

Nissan infosec in the spotlight again after breach affecting more than 50K US employees
2024-05-20 02:28

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Aussie cops probe MediSecure's 'large-scale ransomware data breach'
2024-05-17 23:31

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

SEC: Financial orgs have 30 days to send data breach notifications
2024-05-17 16:13

The Securities and Exchange Commission has adopted amendments to Regulation S-P that require certain financial institutions to disclose data breach incidents to impacted individuals within 30 days of discovery. Notify affected individuals within 30 days if their sensitive information is, or is likely to be, accessed or used without authorization, detailing the incident, breached data, and protective measures taken.

WebTPA data breach impacts 2.4 million insurance policyholders
2024-05-17 14:45

The WebTPA Employer Services data breach disclosed earlier this month is impacting close to 2.5 million individuals, the U.S. Department of Health and Human Services notes. A recent update on the U.S. Department of Health and Human Services data breach portal shows that the number of affected individuals is 2,429,175.

MediSecure e-script firm hit by ‘large-scale’ ransomware data breach
2024-05-16 17:08

Today, the company announced that it has been indirectly impacted by a cybersecurity incident on one of its service providers, that has resulted in a data breach.In a short announcement, the Australian NCSC said that "a commercial health information organisation" reported being "The victim of a large-scale ransomware data breach incident."

Russian hackers use new Lunar malware to breach a European govt's agencies
2024-05-16 15:57

Security researchers discovered two previously unseen backdoors dubbed LunarWeb and LunarMail that were used to compromise a European government's diplomatic institutions abroad. The pieces of malware have been used to breach the Ministry of Foreign Affairs of a European country with diplomatic missions in the Middle East and have been active since at least 2020. Researchers at cybersecurity company ESET believe that the backdoors may be connected to the Russian state-sponsored hacker group Turla, although attribution has medium confidence at this point.