Security News
Text IQ announced that its solution for identifying personal information outperformed AWS, Microsoft and Google in a real-life comparison of AI recall and precision. As companies across the globe...
Data breaches now cost companies a total of $4.24 million per incident on average, according to the Cost of a Data Breach Report, conducted by Ponemon Institute and analyzed by IBM Security. "While data breach costs reached a record high over the past year, the report also showed positive signs about the impact of modern security tactics, such as AI, automation and the adoption of a zero trust approach - which may pay off in reducing the cost of these incidents further down the line."
A report released Wednesday by IBM Security looks at how and why the average cost of dealing with a data breach has jumped to a new high. To compile its "Cost of a Data Breach Report 2021" IBM Security commissioned Ponemon Institute to survey more than 500 organizations hit by data breaches.
University of San Diego Health this week revealed that personal information was accessed in a data breach involving unauthorized access to some employee email accounts. In a substitute notification, UC San Diego Health revealed that an unknown threat actor accessed or acquired the affected data between December 2, 2020 and April 8, 2021.
A global study commissioned by IBM Security shows that the average cost of a data breach exceeded $4.2 million during the coronavirus pandemic, which the company pointed out is the highest in the 17-year history of its "Cost of a Data Breach" report. The average cost of a data breach increased by nearly 10% compared to the previous year, from $3.86 million to $4.24 million, but IBM noted that "Costs were significantly lower for some of organizations with a more mature security posture, and higher for organizations that lagged in areas such as security AI and automation, zero trust and cloud security."
UC San Diego Health, the academic health system of the University of California, San Diego, has disclosed a data breach after the compromise of some employees' email accounts. UC San Diego Health is one of the nation's best hospitals, being repeatedly ranked as the best health care system in San Diego, according to the 2021-2022 U.S. News & World Report survey.
Law firm Campbell Conroy & O'Neil has warned of a breach from late February which may have exposed data from the company's lengthy client list of big-name corporations including Apple and IBM. The breach, which was discovered on 27 February 2021 when a ransomware infection blocked access to selected files on the company's internal systems, has been blamed on an unnamed "Unauthorised actor." While it's not yet known precisely what data was accessed during the breach, the system affected held a treasure trove including "Certain individuals' names, dates of birth, driver's license numbers/state identification numbers, financial account information, Social Security numbers, passport numbers, payment card information, medical information, health insurance information, biometric data, and/or online account credentials," the company confirmed in a statement regarding the attack.
Attackers have stolen 1 TB of proprietary data belonging to Saudi Aramco and are offering it for sale on the darknet. Saudi Aramco has pinned this data incident on third-party contractors and tells BleepingComputer that the incident had no impact on Aramco's operations.
Fashion retailer Guess last week confirmed that the personal data of some customers was compromised in a ransomware attack it suffered in February 2021. The incident, Guess says, was discovered on February 19.
According to a recent study conducted by Aberdeen, an insider data breach can cost as much as 20% of annual revenue. Allowing the freedom of data movement and keeping trade secrets, including source code, and confidential customer lists, business plans, pricing and the like - secure from malicious and unintentional insider risks will be a continuing challenge if security organizations don't recast their data security strategies and approach to data stewardship.