Articles about Data Breach

New data from digital identity platform ForgeRock reveals that data breaches cost US organizations over $654 billion as well as exposing more than 2.8 billion consumer records.

Personally identifiable information (PII) was the most targeted data for breaches in 2018, accounting for 97 percent of all breaches, with unauthorized access encompassing 34 percent of all attacks.

Continue reading →

Flipboard is resetting the passwords of millions of users after suffering a data breach. Hackers were able to access databases containing usernames and passwords, as well as access tokens for some third-party services.

The company has not revealed how many users are affected by the security incident, but says that hackers had access to its systems for a nine months.

Continue reading →

According to the latest Data Breach Report from Risk Based Security the number of reported data breaches was up 56.4 percent in the first quarter of 2019 compared to the same period last year.

The increase in reporting could be a result of new legislation like GDPR that obliges businesses to be more open about security issues. The number of exposed records was also up by 28.9 percent. Already in 2019, there have been three breaches exposing 100 million or more records.

Continue reading →

Security researchers have discovered an unprotected database stored on a Microsoft cloud server. The 24GB database includes personal information about 80 million households across the US.

The researchers from vpnMentor were working on a web mapping project when they made the discovery. They say that as the database they found left out in the open relates to American households which include multiple residents, the data breach could potentially affect hundreds of millions of people.

Continue reading →

The UK has something of a reputation for its wet climate, and its citizens for constantly talking about the weather. So it may come as a surprise to find that in the UK the chance of experiencing a data breach is higher than that of encountering a rainy day.

A survey by technology services company Probrand shows 43 percent of UK businesses having suffered a cyber breach or attack in the last 12 months as against just 36.4 percent chance on average of encountering a wet day.

Continue reading →

One of the biggest worries about someone gaining unauthorized access to your computer is that they can view and steal your data.

The CyberYozh security group has launched a product that protects your sensitive files, browser data and more, by taking the nuclear option of destroying it.

Continue reading →

The financial impact of a data breach continues to climb for businesses. IBM’s 2018 Cost of a Data Breach Study placed the average total cost of a data breach at $3.86 million, an increase of more than six percent compared to 2017. Every stolen or lost record costs a company $148, putting a hefty price tag on breaches of any size.

Beyond immediate expenses, the required email notification to customers in the database can negatively contribute to a company’s ability to recover from the breach. FTC regulations require the company to contact every customer in their database via email or another method, such as direct mail. If there is a spike in undeliverable emails, mailbox providers (MBPs) will notice the spike, negatively impacting the company’s email deliverability. Thankfully, this impact can be reduced by minimizing unnecessary data before a potential breach and acting immediately after recognizing the breach.

Continue reading →

Following on from yesterday's story about eCommerce site Gearbest leaking customer data the company has issued an official response to ethical hacker Noam Rotem’s report.

It says that its own servers are secure but that, "external tools we use to temporarily store data" may have been accessed by others leading to security having been compromised.

Continue reading →

A badly configured server at Gearbest, the Chinese purveyor of technology and other stuff online, has leaked millions of user profiles and order details.

White hat hacker Noam Rotem discovered an Elasticsearch server that was -- indeed still is at the time of writing -- leaking millions of records each week. These include customer data, orders, and payment records. The server wasn't protected with a password, potentially allowing anyone to search its data.

Continue reading →

New research into consumer trust and spending habits by contact center payment security company PCI Pal shows 62 percent of Americans report that they will stop spending with a brand for several months following a hack or breach, versus 44 percent of Brits.

But when the British do react they do so for the long term, 41 percent of British consumers never return to a brand after a hack compared to only 21 percent of Americans.

Continue reading →

Australia's three main political parties -- Liberals, Labor and Nationals -- as well as the country's parliament have all been hit by a security breach which Prime Minister Scott Morrison says was carried out by a "sophisticated state actor".

Although the country is due to hold elections in the coming months, Morrison says there is "no evidence of any electoral interference". While it is not currently known who is responsible for the attack, various potential culprits have been suggested, including China, the US, Israel and Russia.

Continue reading →

When hackers hit Marriott's Starwood Hotel database last year, it was first thought that half a billion customers might be affected. This estimate was later downgraded to 383 million guests, but this is still a very large number, and it is understandable that many people are concerned that their data may have been accessed.

There was particular concern about whether passport numbers had been accessed, and this is what a new checking tool lets you check. Marriott has teamed up with security firm OneTrust to enable customers to check if their data was included in the security breach.

Continue reading →

A majority of organizations are not confident in their ability to avoid major data breaches according to a new study.

The report for breach avoidance company Balbix, based on research from the Ponemon Institute, shows that 68 percent feel their staffing is not adequate for a strong cybersecurity posture and only 15 percent say their patching efforts are highly effective.

Continue reading →

The photo sharing site 500px has revealed details of a security breach that took place in mid-2018.

The company says that its engineering team only became aware of the breach -- which is thought to have taken place around July 5, 2018 -- a few days ago. 500px launched an investigation in conjunction with a third party and police, and says that "an unauthorized party gained access to our systems and acquired partial user data".

Continue reading →

Users of Trakt -- a service for "scrobbling", or tracking the movies and TV shows you watch in the likes of Plex and Kodi -- have received emails from the company notifying them of a data breach that took place way back in 2014.

Trakt says that although the security breach took place over four years ago, it only recently discovered it. The company says that an investigation is underway, but that it believes a "PHP exploit was used to capture data", including users' emails, usernames, encrypted passwords, names and locations.

Continue reading →