Security News

Japanese IT and electronics company NEC Corporation has revealed that hackers had access to its network for a long time, but the incident occurred several years ago. The attack, NEC says, was initially discovered in July 2017, when a report from the security company contracted by the electronics giant revealed unauthorized communications between computers on the internal network and external entities.

Targeting UN networks in Geneva and Vienna, the attacker was able to compromise accounts and data at dozens of servers, prompting one senior UN IT official to call it a "Major meltdown," the New Humanitarian said. "These things...attempts to attack the UN IT infrastructure happen often. The attribution of any IT attack is remains very fuzzy and uncertain. So, we are not able to pinpoint to any specific potential attacker, but it was, from all accounts, a well‑resourced attack."

Understanding Data Breach Myth Vs. Reality.Watch this webinar OnDemand and learn three of the most common data breach myths.

According to the 2019 Cost of a Data Breach study conducted by the Ponemon Institute, the average cost of a data breach in the UK was $4.88 million - up 10.5% on the previous year. At the end of the day, data security should not be viewed as simply a technical problem that's handled by technical personnel working in IT. Best practices for minimizing cyber risk.

Under HIPAA, covered entities are required to report breaches impacting protected health information within 60 days of discovering the breach. In its breach notification statement, PIH Health says that on June 18, 2019, it learned that certain PIH Health employee email accounts had potentially been accessed without authorization as a result of a targeted phishing campaign.

Wednesday is the deadline to seek cash payments and claim free services as part of Equifax's $700 million settlement over a massive data breach. The compromised data included Social Security numbers, birth dates, addresses, driver license numbers, credit card numbers and in some cases, data from passports.

Microsoft has today announced a data breach that affected one of its customer databases. The company informed Microsoft, and Microsoft quickly secured the data.

Mitsubishi Electric says hackers exploited a zero-day vulnerability in its anti-virus software, prior to the vendor patching the flaw, and potentially stole trade secrets and employee data. Mitsubishi Electric says data it believes was exposed during the attack includes records belonging to 1,987 job applicants, employee data for 4,566 new graduate recruitment applicants, information on 1,569 retired employees, as well as corporate-confidential technical and sales materials.

Japanese multinational Mitsubishi Electric has admitted that it had suffered a data breach some six months ago, and that "Personal information and corporate confidential information may have been leaked." According to several reports from Japanese daily newspapers, the company discovered the data breach in late June, when they detected suspicious activities on a server at its Information Technology R&D Center in Kamakura, Kanagawa Prefecture, Japan.

Portland, Oregon-based children's clothing maker Hanna Andersson has quietly disclosed a breach to affected customers. According to the breach notification letter, the "Incident potentially involved information submitted during the final purchase process on our website, www.hannaandersson.com, including name, shipping address, billing address, payment card number, CVV code, and expiration date." These details are often known on the dark web as 'fullz'; that is, the data contains all the information necessary for a criminal to make fraudulent purchases via the internet.