Security News

The ALPHV/Blackcat ransomware gang has claimed responsibility for the recent network breaches of Fortune 500 company Prudential Financial and mortgage lender loanDepot. LoanDepot revealed on January 22 that at least 16.6 million people had their personal information stolen in the ransomware attack they confirmed on January 8, two days after disclosing it as a "Cyber incident" on January 6.

Starting March 13th, telecommunications companies must report data breaches impacting customers' personally identifiable information within 30 days, as required by FCC's updated data breach reporting requirements."Without an FCC rule requiring breach notifications for the above categories of PII, there would be no requirement in Federal law that telecommunications carriers report non-CPNI breaches to their customers," the FCC said.

Data breaches at two French healthcare payment service providers, Viamedis and Almerys, have now been determined to impact over 33 million people in the country.The data protection authority in France has now confirmed both data breaches and says that the attacks impacted 33 million people in the country.

Enforcing a password policy that helps end-users create stronger passwords and blocks the use of weak and common phrases will make it more difficult for hackers. Specops data shows that 83% of compromised passwords satisfied both length and complexity requirements of regulatory password standards.

Leaked credentials from traditional sources are still a prominent and substantial risk to organizations. We monitor more than 14 billion leaked credentials found from dumps across the dark web.

90% of the world's largest energy companies experienced a third-party breach in the past 12 months, according to SecurityScorecard. 92% of the energy companies evaluated have been exposed to a fourth-party breach.

The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to disclose sensitive information and modify files. A brief...

To put an end to the growing, existential threat that healthcare faces, it will take creativity, innovation, partnership, and a willingness to change the current state of IT security and risk management in healthcare. How has the transition to cloud computing changed the cybersecurity landscape for healthcare organizations?

Allianz Commercial analysis of large cyber losses shows the number of cases in which data is exfiltrated is soaring, as is the number of incidents becoming public. "Several factors are combining to make data exfiltration more attractive for threat actors. The scope and amount of personal information being collected is increasing, while privacy and data breach regulations are tightening globally. At the same time, the trends towards outsourcing and remote access leads to more interfaces for threat actors to exploit."

The cost of data breaches to all businesses is at its highest level ever with an average cost of more than $4.4 million globally, more than $5.1 million in Canada, and more than $9.4 million in the U.S. This financial impact could cripple a small business as they face potential regulatory actions and fines, legal fees, and the loss of customers. 3 in 4 small business leaders and 94% of the individual consumers surveyed said they are concerned about future data breaches.