Threat actors could gain access to improperly deactivated or unmaintained Salesforce Sites by changing the host header, thereby gaining access to sensitive personal and business data.

Users of the popular file transfer app from Progress Software used by 1,700 software companies and 3.5 million developers are urged to patch immediately.

This week’s healthcare data breach roundup includes multiple ransomware and data extortion incidents, a ransomware attack on Enzo Biochem, and includes ongoing outages at two hospitals in Idaho and Medford Radiology Group.

The retail and cloud computing giant must also implement new privacy and security programs under the terms of the settlements.

Insurance premiums for ransomware are getting more expensive, but organizations continue purchasing cyber-specific plans, according to research and industry experts.

After the Supreme Court overturned Roe v. Wade, Google committed to modifying data retention policies for sensitive locations that could put users at risk.

HIPAA requires entities to disclose breaches within 60 days, but it took 18 months for Apria Healthcare to inform over 1.8 million patients.

Google must also increase transparency about its location tracking settings, after a Washington state investigation determined consumers didn’t have control over their data privacy.