Data Breach News, Articles and Updates

Aetna agrees to $17M to settle data breach

Aetna will pay a $17.1 million as part of a settlement for a July 2017 data breach that may have compromised the information of thousands of HIV patients.

Separate ransomware attacks strike New Mexico city, Indiana health care provider

A New Mexican city of roughly 45,000 people and an Indianan hospital operator have fallen victim to separate ransomware attacks this month. In other localized news, a data breach at a third-party educational testing service exposed information belonging to 52 students in New York State.

Jason's Deli reports possible POS data breach

The 266-location Jason's Deli is notifying its customers that their payment card information may have been compromised through a point of sale data breach.

Proposed law would levy substantial penalties on breached credit reporting agencies

A newly proposed legislation introduced by two Democratic U.S. senators aims to impose stiff, mandatory penalties on credit reporting agencies (CRAs) like that fail to protect consumers' sensitive information from data breaches.

FTC fines VTech toy firm over data breach

The Federal Trade commission fined toy firm VTech $650,000 as part of a settlement for violating a U.S. children's privacy laws.

North Carolina introduces data breach legislation, after incidents rise in 2017

More than 5.3 million residents of North Carolina were victims of data breaches in 2017 - an escalating trend that has prompted state Attorney General Josh Stein (D) and state Rep. Jason Saine (R) to introduce newly proposed legislation to prevent further incidents and protect the public.

Breach possibly exposed sensitive data on up to 30K Florida Medicaid recipients

The Inspector General's initial review indicated that the names, Medicaid ID numbers, birth dates, diagnoses, Social Security numbers, addresses, and medical conditions of up to 30,000 recipients "were accessed in part or full."

India's 1.2 billion citizen national database reportedly breached

India's national ID database containing the information of nearly 1.2 billion people was breached with cybercriminals selling access to the information for $8.

DHS data breach affects 250,000 staffers, investigation subjects and witnesses

More than 250,000 Department of Homeland Security (DHS) employees along with individuals involved in on-going DHS criminal investigations, including witnesses, had their personally identifiable information (PII) compromised in a data breach.

Forever 21 blames POS malware, lapses in encryption, for payment card data compromise

A POS malware infection was responsible for compromising payment card data collected at certain Forever 21 stores last year -- an attack that was exacerbated by a lack of encryption on some devices, the apparel retailer stated.

SSM Health call center agent with access to records allegedly violated patient privacy

A one-time employee of Midwestern health care system SSM Health with legitimate access to thousands of patients' records allegedly violated HIPAA privacy regulations in a data breach incident, the St. Louis-based company disclosed on Dec. 29.

Migos' Offset iCloud hacked, nude images of fiancé Cardi B leaked

Rapper Cardi B is threatening legal action after hackers broke into her fiancé Offset's iCloud account to steal nude images of the female rapper.

Nissan Canada Finance Alerts 1.13 Million Customers of Unauthorized Info Access

Nissan Canada Finance (NCF) reported last week that it became aware on Dec. 11 of unauthorized access to personal information of some of its 1.13 million customers.

Stanford University school's chief digital officer leaves role after data breach

Following a pair of data breaches that potentially exposed highly sensitive student and employee information, the chief digital officer at Stanford University's Graduate School of Business has reportedly stepped down.

Uber paid Florida hacker responsible for breach $100K through bug bounty program

Uber reportedly funneled payment through the program - intended to encourage security researchers to find and disclose vulnerabilities - which is hosted by HackerOne.

Retailers still in need of data breach response plan

Between the holiday shopping season now being in full swing and the growing number of retailers hit with data breaches Tripwire was surprised that a recent survey it conducted found a large percentage of retailers had no data breach response plan in place.

Stanford University server exposes data of 10,000 staffers

The University of Stanford announced that it has left sensitive student and staff data exposed on three separate occasions over the last year.

Senate bill introduced that would require jail time for data breach cover ups

Three U.S. Senators have introduced a bill that would require jail time for corporate executives who do not notify consumers of a breach within 30 days.

Morrisons Supermarket held liable after employee leaks data

U.K. Supermarket chain Morrison's was found liable, in a first of its kind data leak class action suit, for the actions of a former employee who stole and leaked company data.

National Credit Federation unsecured AWS S3 bucket leaks credit, personal data

The exposed data -- a whopping 111 GB worth - allegedly affects tens of thousands of consumers.

Firefox tests in-browser breached site notifications

Firefox is testing out a warning system that will notify users when they visit sites that have been breached.

Majority of U.K. Uber users and drivers caught up in data breach

More than half of all Uber riders and drivers in the U.K. were impacted by the ride sharing company's data breach that was revealed last week.

Senators demand answers from Uber after breach debacle

U.S. senators on both sides of the aisle have sent letters to Uber demanding answers in the wake of the transportation company's disclosure that it had concealed an October 2016 hacking incident that compromised the information of 57 million customers and drivers.