Security News
The Securities and Exchange Commission has adopted amendments to Regulation S-P that require certain financial institutions to disclose data breach incidents to impacted individuals within 30 days of discovery. Notify affected individuals within 30 days if their sensitive information is, or is likely to be, accessed or used without authorization, detailing the incident, breached data, and protective measures taken.
The WebTPA Employer Services data breach disclosed earlier this month is impacting close to 2.5 million individuals, the U.S. Department of Health and Human Services notes. A recent update on the U.S. Department of Health and Human Services data breach portal shows that the number of affected individuals is 2,429,175.
Today, the company announced that it has been indirectly impacted by a cybersecurity incident on one of its service providers, that has resulted in a data breach.In a short announcement, the Australian NCSC said that "a commercial health information organisation" reported being "The victim of a large-scale ransomware data breach incident."
Nissan North America (Nissan) suffered a data breach last year when a threat actor targeted the company's external VPN and shut down systems to receive a ransom. [...]
Banco Santander S.A. announced it suffered a data breach impacting customers after an unauthorized actor accessed a database hosted by one of its third-party service providers. [...]
The City of Helsinki is investigating a data breach in its education division, which it discovered in late April 2024, impacting tens of thousands of students, guardians, and personnel."Considering the number of users in the city's services now and in previous years, in the worst case, this data breach affects over 80,000 students and their guardians."
Firstmac Limited is warning customers that it suffered a data breach a day after the new Embargo cyber-extortion group leaked over 500GB of data allegedly stolen from the firm. Yesterday, Have I Been Pwned creator Troy Hunt published on X a sample of the notification letter sent to Firstmac customers, informing them of a severe data breach.
The threat actor behind the recent Dell data breach revealed they scraped information of 49 million customer records using an partner portal API they accessed as a fake company. Yesterday, BleepingComputer reported that Dell had begun to send notifications warning customers that their personal data was stolen in a data breach.
Dell is warning customers of a data breach after a threat actor claimed to have stolen information for approximately 49 million customers.The computer maker began emailing data breach notifications to customers yesterday, stating that a Dell portal containing customer information related to purchases was breached.
The UK Government confirmed today that a threat actor recently breached the country's Ministry of Defence and gained access to part of the Armed Forces payment network.The attacked system contained personal data belonging to active and reserve personnel as well as some recently retired veterans.