Articles about Data Breach

Security firm Trend Micro has revealed details of an inside scam which led to personal details of its customers being exposed.

The security incident dates back to August this year, and the company says that it was made aware of customers being contacted by fake Trend Micro support staff. Following an investigation lasting until the end of October, it was determined that it was a member of staff that had fraudulently gained access to a customer database and sold personal data to a third party.

Continue reading →

Every time there's a major data breach it adds to the pool of stolen details available on the Dark Web, but exactly what is out there?

To find out, ImmuniWeb has been analyzing the quality and quantity of stolen credentials accessible on the Dark Web originating from Fortune 500 companies in 10 different industries around the world.

Continue reading →

With growing consumer awareness of data breaches and the potential for businesses to misuse data, a new survey looks at how this is affecting behavior.

The study from Ping Identity surveyed over 4,000 people around the world and finds 49 percent of respondents are more concerned about protecting their personal information than they were a year ago.

Continue reading →

Folks involved in enterprise mobility and security have witnessed a long and growing list of breaches of consumer mobile devices. One in three organizations admitted to suffering a compromise due to a mobile device, according to a study by Verizon.

Today, it’s past the time for enterprises to become concerned, and nearing the time to become alarmed, as they’re forced to consider the possibility of similar breaches of the apps and devices they provision for their employees. "The popularity of mobile apps in conjunction with the emergence of their security flaws means that mobile is prime to be the next attack vector that threatens corporate data and user privacy," said Adam Ely, founder and COO of Bluebox. In these circumstances, enterprises have to confront their attitudes, and maybe their complacency, and determine if it’s time for a major overhaul of their mobile initiatives.

Continue reading →

Email is now the preferred communication method for businesses, but this brings with it greater risk of employees leaking data due to errors or deliberate activity.

A survey from data security company Egress shows that of employees who had accidentally shared data almost half (48 percent) say they had been rushing, 30 percent blamed a high-pressure working environment and 29 percent said it happened because they were tired.

Continue reading →

New research from Kaspersky finds that the cost of enterprise data breaches has risen from $1.23 million last year to $1.41 million in 2019.

At the same time enterprise organizations have invested more in cybersecurity, with IT security budgets averaging $18.9 million compared to $8.9 million in 2018.

Continue reading →

Around two thirds of businesses have experienced a data breach in the last year and seemingly innocent workplace mistakes could be one of the main causes.

A new report produced by the Ponemon Institute for document security specialist Shred-it reveals that 71 percent of managers have seen or picked up confidential documents left on a printer.

Continue reading →

One year ago this week Facebook suffered a massive data breach that prompted the company to reset access for around 90 million accounts.

A year on from this event what has been done to make users' data more secure and are people becoming more aware of the risks to their privacy from using social networks and other sites? We spoke to Fouad Khalil VP of compliance at SecurityScorecard to discuss these things and more.

Continue reading →

A new study from Optiv Security shows that 58 percent of CISOs think experiencing a data breach makes them more attractive to potential employers.

The survey results show a fundamental change in how senior executives and board members perceive cybersecurity, with 96 percent agreeing that senior executives have a better understanding than they did five years ago.

Continue reading →

Human error has become one of the biggest contributors to data breaches. Organizations have traditionally relied on the effectiveness of technology controls but haven't addressed the fundamental reasons why humans make mistakes and are susceptible to manipulation.

A new report from the Information Security Forum finds that by helping staff understand how these vulnerabilities can lead to poor decision making and errors, organizations can better manage risk.

Continue reading →

It seems like every day we hear of a new, high-profile data breach. No longer are we shocked when some major brand is exposed for having lost data at the hands of external bad actors or unwitting internal parties. The question has switched from 'will I be breached?' to 'when will I be breached?'

In football, there’s an adage that the best offense is a good defense. In the battle against cyber attacks, it’s all about choosing the right defense to combat the ever-changing tactics used by bad actors both outside and inside your organization. In order for a team to succeed, it must find and exploit weaknesses in the opposing team’s defense. Cybersecurity is no different.

Continue reading →

Recent studies show that third-party data breaches are the most expensive cyber incidents for businesses today. The rise in associated costs has prompted not only security leadership but also executives and boards to pay close attention to the cyber risk that comes with doing business with their biggest vendors and partners. But what many business leaders don’t realize is that the biggest third-party cyber risks can come from the smallest, most seemingly innocuous places.

Take, for example, the Docker Hub cyberattack that took place this past May. While in the grand scheme a given business ecosystem, Docker Hub’s role -- a container used by developers to store image files -- is small, the extent of the damage to its customers was not.

Continue reading →

Foxit Software has revealed that it "recently" suffered a security breach in which private user data was exposed to unnamed third parties. Those whose account have been affected are being contacted and "encouraged to change their passwords".

The company -- famed for PDF applications such as Foxit Reader and PhantomPDF -- does not say when the incident took place, nor how many users are affected, but it explains that "My Account" section of user accounts was exposed. This includes data such as email addresses, passwords, users' names, phone numbers, company names and IP addresses, but not payment information.

Continue reading →

The Magecart JavaScript attack that captures online payment information has been around since 2016. A new study for Arxan Technologies produced by Aite Group takes a detailed look at the attack.

This research follows the trail of servers compromised by Magecart groups, as well as the collection servers to which the sites were actively sending stolen credit card data, in an effort to examine commonalities between victim websites and the tactics, techniques, and procedures used to compromise the servers.

Continue reading →

Hosting company Hostinger has reset passwords for all of its customers after a data breach in which a database containing information about 14 million users was accessed "by an unauthorized third party".

Hostinger says that the password reset is a "precautionary measure" and explains that the security incident occurred when hackers used an authorization token found on one of the company's servers to access an internal system API. While no financial data is thought to have been accessed, hackers were able to access "client usernames, emails, hashed passwords, first names and IP addresses".

Continue reading →