University of San Diego Health this week revealed that personal information was accessed in a data breach involving unauthorized access to some employee email accounts. In a substitute notification, UC San Diego Health revealed that an unknown threat actor accessed or acquired the affected data between December 2, 2020 and April 8, 2021.
A global study commissioned by IBM Security shows that the average cost of a data breach exceeded $4.2 million during the coronavirus pandemic, which the company pointed out is the highest in the 17-year history of its "Cost of a Data Breach" report. The average cost of a data breach increased by nearly 10% compared to the previous year, from $3.86 million to $4.24 million, but IBM noted that "Costs were significantly lower for some of organizations with a more mature security posture, and higher for organizations that lagged in areas such as security AI and automation, zero trust and cloud security."
UC San Diego Health, the academic health system of the University of California, San Diego, has disclosed a data breach after the compromise of some employees' email accounts. UC San Diego Health is one of the nation's best hospitals, being repeatedly ranked as the best health care system in San Diego, according to the 2021-2022 U.S. News & World Report survey.
Law firm Campbell Conroy & O'Neil has warned of a breach from late February which may have exposed data from the company's lengthy client list of big-name corporations including Apple and IBM. The breach, which was discovered on 27 February 2021 when a ransomware infection blocked access to selected files on the company's internal systems, has been blamed on an unnamed "Unauthorised actor." While it's not yet known precisely what data was accessed during the breach, the system affected held a treasure trove including "Certain individuals' names, dates of birth, driver's license numbers/state identification numbers, financial account information, Social Security numbers, passport numbers, payment card information, medical information, health insurance information, biometric data, and/or online account credentials," the company confirmed in a statement regarding the attack.
Attackers have stolen 1 TB of proprietary data belonging to Saudi Aramco and are offering it for sale on the darknet. Saudi Aramco has pinned this data incident on third-party contractors and tells BleepingComputer that the incident had no impact on Aramco's operations.
Fashion retailer Guess last week confirmed that the personal data of some customers was compromised in a ransomware attack it suffered in February 2021. The incident, Guess says, was discovered on February 19.
According to a recent study conducted by Aberdeen, an insider data breach can cost as much as 20% of annual revenue. Allowing the freedom of data movement and keeping trade secrets, including source code, and confidential customer lists, business plans, pricing and the like - secure from malicious and unintentional insider risks will be a continuing challenge if security organizations don't recast their data security strategies and approach to data stewardship.
American fashion brand and retailer Guess is notifying affected customers of a data breach following a February ransomware attack that led to data theft. "A cybersecurity forensic firm was engaged to assist with the investigation and identified unauthorized access to Guess' systems between February 2, 2021 and February 23, 2021," the company said in breach notification letters mailed to impacted customers.
Mint Mobile has disclosed a data breach after an unauthorized person gained access to subscribers' account information and ported phone numbers to another carrier. According to the data breach notification email sent to affected subscribers this weekend, between June 8th and June 10th, a threat actor ported the phone numbers for a "Small" number of Mint Mobile subscribers to another carrier without authorization.
CNA Financial Corporation, a leading US-based insurance company, is notifying customers of a data breach following a Phoenix CryptoLocker ransomware attack that hit its systems in March. CNA is considered the seventh-largest commercial insurance firm in the US based on stats from the Insurance Information Institute.