Security News

Keenan & Associates is sending notices of a data breach to 1.5 million customers, warning that hackers accessed their personal information in a recent cyberattack.Since 2017, it has been part of AssuredPartners NL, one of the largest brokerage firms in the U.S. The company submitted a notification to the Office of the Maine Attorney General, warning that 1,509,616 people were impacted by a data breach incident that occurred in the summer of 2023.

Biotech and DNA-collection biz 23andMe, the one that blamed its own customers for the October mega-breach, just admitted it failed to detect any malicious activity for the entire five months attackers were breaking into user accounts. In a collection of data breach notifications filed with California's attorney general Rob Bonta, 23andMe revealed attackers were using credential stuffing techniques between April 29 and September 27, 2023.

All types of cyber threat actor are already using artificial intelligence to varying degrees, UK National Cyber Security Centre's analysts say, and predict that AI "Will almost certainly increase the volume and heighten the impact of cyberattacks over the next two years." Although AI is used by all types of cyber threat actors, it will particularly benefit less-skilled ones, as it will enhance their ability to carry out social engineering attacks and create convincing phishing emails.

New York-based global financial technology firm EquiLend says its operations have been disrupted after some systems were taken offline in a Monday cyberattack."On January 22, 2024, EquiLend identified a technical issue that placed portions of our systems offline," an EquiLend spokesperson told BleepingComputer today.

Over half of security professionals admit their organizations maintain a culture of security through obscurity, with over one-third admitting they are completely secretive about their cybersecurity activities. While many organizations may fear reputational or monetary damage from proactively sharing findings from vulnerabilities and incidents, I've found the contrary to be true: Embracing a culture of cybersecurity transparency is good for business and for the broader security of the internet.

Mortgage lender loanDepot says that approximately 16.6 million people had their personal information stolen in a ransomware attack disclosed earlier this month. Today, after confirming that millions of people had their data stolen, the company said it would notify individuals impacted by this data breach, providing them with free credit monitoring and identity protection services.

The largest bank in the United States repels 45 billion - yes, with a B - cyberattack attempts per day, one of its leaders claimed at the World Economic Forum in Davos.Mary Callahan Erdoes, JPMorgan Chase's CEO in charge of asset and wealth management, revealed the figure during a discussion of the future of banking at Davos yesterday, adding that the number is twice what the institution faced a year prior.

Kansas State University announced it is managing a cybersecurity incident that has disrupted certain network systems, including VPN, K-State Today emails, and video services on Canvas and Mediasite. Kansas State University is a public land-grant research university offering 65 masters and 45 doctoral programs.

The cyber attacks targeting the energy sector in Denmark last year may not have had the involvement of the Russia-linked Sandworm hacking group, new findings from Forescout show. The intrusions,...

U.S. mortgage lender loanDepot has suffered a cyberattack that caused the company to take IT systems offline, preventing online payments against loans.LoanDepot is one of the largest nonbank retail mortgage lenders in the USA, employing approximately 6,000 people and servicing loans of over $140 billion.