Security News
DNA testing giant 23andMe has agreed to pay $30 million to settle a lawsuit over a data breach that exposed the personal information of 6.4 million customers in 2023. [...]
Fortinet, a leading cybersecurity company, has confirmed a data breach after a threat actor, using the alias "Fortibitch," claimed to have stolen 440GB of data from its Microsoft SharePoint server hosted on Azure. Fortinet provides secure networking products like firewalls, routers, and VPNs, alongside services like SIEM, EDR/XDR, and consulting. The breach was first reported on a hacking forum, where the attacker shared credentials to an S3 bucket allegedly containing the stolen files. While the threat actor attempted to extort Fortinet, the company refused to pay the ransom.Fortinet has acknowledged that a limited amount of customer data was stolen from a third-party cloud-based file drive. However, the company did not disclose the exact number of customers affected or the type of compromised data. Fortinet later updated its website, clarifying that less than 0.3% of its customer base was impacted and that no malicious activity had been directed toward these customers as a result of the breach. Additionally, Fortinet assured that the incident did not involve ransomware, data encryption, or unauthorized access to its corporate network.
Payment gateway provider Slim CD has disclosed a data breach that compromised credit card and personal data belonging to almost 1.7 million individuals. [...]
American car rental giant Avis disclosed a data breach after attackers breached one of its business applications last month and stole customer personal information. [...]
American car rental giant Avis disclosed a data breach after attackers breached one of its business applications last month and stole customer personal information. [...]
Planned Parenthood has confirmed it suffered a cyberattack affecting its IT systems, forcing it to take parts of its infrastructure offline to contain the damage. [...]
OpenBAS is an open-source platform that enables organizations to plan, schedule, and execute crisis exercises, adversary simulations, and breach simulations. Compliant with ISO 22398 standards,...
While SaaS security is finally getting the attention it deserves, there’s still a significant gap between intent and implementation. Ad hoc strategies and other practices still fall short of a...
CBIZ Benefits & Insurance Services (CBIZ) has disclosed a data breach that involves unauthorized access of client information stored in specific databases. [...]
The U.S. Marshals Service (USMS) denies its systems were breached by the Hunters International ransomware gang after being listed as a new victim on the cybercrime group's leak site on Monday. [...]