Data Breach News, Articles and Updates

Ex-employee Sun Trust helps compromise 1.5 million bank clients

Sun Trust Bank today confirmed it was hit with an insider attack when a former employee, working with a third party, stole company contact lists possibly exposing the personal information of up to 1.5 million customers.

Social media aggregator LocalBlox leaves 48M records exposed

Social media data aggregation firm LocalBlox left an AWS bucket misconfigured revealing 48 million records gleaned from Facebook and other sites.

Ikea's TaskRabbit investigating cybersecurity incident

Ikea's freelance labor marketplace task rabbit temporarily shut down its app and website amid the investigation of a "cyber-security incident"

Texas Health Resources' patient information exposed in October 2017 email compromise

Texas Health Resources, a nonprofit health care delivery system in north Central Texas, has disclosed that an unauthorized party may have gained access to patient information back in October 2017 by compromising some of the organization's email accounts.

Medical supplier Inogen hit with breach, 30,000 possibly affected

A California-based medical device manufacturer reported that 30,000 former and current customers may have had their personal information exposed when a company employee's email account was compromised.

Uber, FTC agree to expanded settlement after second breach

The Federal Trade Commission had already announced a settlement with Uber last August over a previous incident in 2014 when it discovered that the car-sharing service had been less than forthcoming about a second breach.

Verizon report: Ransomware runs rampant, responsible for 39% of malware-caused breaches

Ransomware was the most commonly detected malware in data breaches and related security incidents last year, climbing from fourth overall in 2016 and all the way from the 22nd spot five years ago, according to Verizon's just released 2018 Data Breach Investigations Report.

U.S. Department of Interior CIO office fails IG cybersecurity inspection

The U.S. Department of the Interior Office of the Chief Information Officer (OCIO) essentially received a failing grade from its own Office of the Inspector General (IG) when it comes to following NIST for incident detection and response.

Best Buy payment info compromised in [24]7.ai breach; malware reportedly suspected

Consumer electronics retailer Best Buy on Thursday became the third major company to acknowledge that a portion of its customer payment information was exposed in a data breach of third-party chat and customer engagement services provider [24]7.ai.

Should LinkedIn follow Facebook's lead in data restriction controls?

Facebook's recent announcement to update its data restriction policies has prompted some researchers to turn other social media platforms to review their data practices as well.

Panera breach neglected since 2017, may have exposed data of millions

The personal data of what may have been nearly seven million Panerabread.com customers was left exposed for eight months before being pulled offline today.

Information on 6,800 CareFirst members exposed in phishing attack

CareFirst BlueCross BlueShield said one of its employees fell victim to a phishing attack that led to thousands of its members' personal information being exposed.

Equifax sent erroneous letters to breach victims

During the aftermath of the massive data breach which compromised the data of nearly 150 million consumers, Equifax notified some people using inaccurate letters.

Staff at Northern Ireland assembly warned over email breach

Warnings issued to change passwords. Northern Ireland Assembly has issued warnings to staff following cyber-attacks on its IT system, according to reports by the Belfast Telegraph.

Unsecured N.Y. medical practice server exposes 42,000 records

A Long Island, N.Y., medical practice left an exposed port normally used for remote synchronization open exposing at least 42,000 medical records.

San Diego is suing Experian over data breach

The city San Diego is suing Experian over the data breach that compromised millions of records including those of 250,000 people in San Diego.

Selfies sold alongside personal info pose new threats to wallets

Cybercriminals are selling selfies alongside their data dumps on Russian language dark web forums offering potential buyers more options to exploit victims.

BJC Healthcare data breach, 33,000 affected

BJC HealthCare said a data storage error potentially compromised 33,420 patient records when the information was accidentally made publicly available for nine months.

SEC charges former Equifax U.S. CIO with insider trading related to data breach

The Securities and Exchange Commission (SEC) has charged former Equifax executive Jun Ying with insider trading saying he sold stock based on confidential company information enabling him to avoid more than $117,000 in losses.

Gwent Police sat on data breach exposure for a year before informing ICO

Gwent Police failed to inform up to 450 people that hackers may have accessed their confidential information after it found that an online tool that allowed citizens to report incidents to the Police was exposed to hackers.

Judge rules U.S. breach victims can sue Yahoo

A federal judge in California Friday ruled Yahoo must face many of the claims brought against the firm in a lawsuit over the company's massive data breaches.

Survey: Government workers fear doctors and dentists over data breaches; ghosts and aliens not far behind

A recent survey of 110 U.S. government employees who hold a security clearance at their organization found that more respondents listed heights, food poisoning and doctor/dentist visits as one of their biggest fears than having their company's files stolen in a breach.

N.Y. hospital data breach, 135,000 patients potentially affected

An Albany, N.Y. hospital suffered a data breach affecting about 135,000 patients when an unauthorized party gained access to its servers.

Fresno State data breach, 15,000 affected

A stolen external hard drive has led to the personal information of more than 15,000 people formerly and currently associated with California State University at Fresno athletic department.