Articles about Data Breach

The financial impact of a data breach continues to climb for businesses. IBM’s 2018 Cost of a Data Breach Study placed the average total cost of a data breach at $3.86 million, an increase of more than six percent compared to 2017. Every stolen or lost record costs a company $148, putting a hefty price tag on breaches of any size.

Beyond immediate expenses, the required email notification to customers in the database can negatively contribute to a company’s ability to recover from the breach. FTC regulations require the company to contact every customer in their database via email or another method, such as direct mail. If there is a spike in undeliverable emails, mailbox providers (MBPs) will notice the spike, negatively impacting the company’s email deliverability. Thankfully, this impact can be reduced by minimizing unnecessary data before a potential breach and acting immediately after recognizing the breach.

Continue reading →

Following on from yesterday's story about eCommerce site Gearbest leaking customer data the company has issued an official response to ethical hacker Noam Rotem’s report.

It says that its own servers are secure but that, "external tools we use to temporarily store data" may have been accessed by others leading to security having been compromised.

Continue reading →

A badly configured server at Gearbest, the Chinese purveyor of technology and other stuff online, has leaked millions of user profiles and order details.

White hat hacker Noam Rotem discovered an Elasticsearch server that was -- indeed still is at the time of writing -- leaking millions of records each week. These include customer data, orders, and payment records. The server wasn't protected with a password, potentially allowing anyone to search its data.

Continue reading →

New research into consumer trust and spending habits by contact center payment security company PCI Pal shows 62 percent of Americans report that they will stop spending with a brand for several months following a hack or breach, versus 44 percent of Brits.

But when the British do react they do so for the long term, 41 percent of British consumers never return to a brand after a hack compared to only 21 percent of Americans.

Continue reading →

Australia's three main political parties -- Liberals, Labor and Nationals -- as well as the country's parliament have all been hit by a security breach which Prime Minister Scott Morrison says was carried out by a "sophisticated state actor".

Although the country is due to hold elections in the coming months, Morrison says there is "no evidence of any electoral interference". While it is not currently known who is responsible for the attack, various potential culprits have been suggested, including China, the US, Israel and Russia.

Continue reading →

When hackers hit Marriott's Starwood Hotel database last year, it was first thought that half a billion customers might be affected. This estimate was later downgraded to 383 million guests, but this is still a very large number, and it is understandable that many people are concerned that their data may have been accessed.

There was particular concern about whether passport numbers had been accessed, and this is what a new checking tool lets you check. Marriott has teamed up with security firm OneTrust to enable customers to check if their data was included in the security breach.

Continue reading →

A majority of organizations are not confident in their ability to avoid major data breaches according to a new study.

The report for breach avoidance company Balbix, based on research from the Ponemon Institute, shows that 68 percent feel their staffing is not adequate for a strong cybersecurity posture and only 15 percent say their patching efforts are highly effective.

Continue reading →

The photo sharing site 500px has revealed details of a security breach that took place in mid-2018.

The company says that its engineering team only became aware of the breach -- which is thought to have taken place around July 5, 2018 -- a few days ago. 500px launched an investigation in conjunction with a third party and police, and says that "an unauthorized party gained access to our systems and acquired partial user data".

Continue reading →

Users of Trakt -- a service for "scrobbling", or tracking the movies and TV shows you watch in the likes of Plex and Kodi -- have received emails from the company notifying them of a data breach that took place way back in 2014.

Trakt says that although the security breach took place over four years ago, it only recently discovered it. The company says that an investigation is underway, but that it believes a "PHP exploit was used to capture data", including users' emails, usernames, encrypted passwords, names and locations.

Continue reading →

A massive database leak -- dubbed Collection #1 -- has made its way to hacking forums, exposing millions of email addresses and passwords. The news was first shared by Troy Hunt -- the man behind Have I Been Pwned? -- who explains that the leak comprises, "many different individual data breaches from literally thousands of different sources".

Hunt explains that there are "1,160,253,228 unique combinations of email addresses and passwords", so there are a very large number of people that may have been affected by the leak.

Continue reading →

We already knew that Google+ is closing down, but following the discovery of a second data leak, Google has announced that it is bringing the closure forward.

The company has revealed that a bug in the Google+ API exposed the data of 52.5 million users, and as a result it is expediting the shutdown. Previously due to close in August 2019, Google+ will now be killed off in April 2019.

Continue reading →

Question and answer site Quora has revealed that its user data has been compromised as a result of unauthorized access to its systems by a 'malicious third party'.

The breach occurred on Friday and Quora is still investigating the causes. It has taken the step of logging out all users who may have been affected and forcing them to reset their passwords. It also says it will continue to make security improvements.

Continue reading →

Marriott International has revealed that its Starwood Hotel reservation database has been hacked. An investigation carried out by the company revealed that hackers have had unauthorized access to the Starwood network since 2014.

The astonishing revelation means that information of half a billion guests could have been exposed -- including sensitive personal data such as home address and passport number -- and Marriott says there is evidence that data has been copied from its network.

Continue reading →

If you're an Amazon customer you may have received a rather strange email this morning. It states that the company has, "...inadvertently disclosed your name and email address due to a technical error."

It then goes on to say, "The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action."

Continue reading →

If a website suffers a security breach you may well decide that you want to give it a wide berth. The problem is that it is impossible for individuals to keep track of all of the breaches that take place, and Mozilla wants to help out.

After teaming up with Have I Been Pwned recently, Mozilla created Firefox Monitor to help inform people about breaches, and this is now expanding to more languages. On top of this, the organization has also now launched Firefox Monitor Notifications that will issue a warning if you visit a site that has been breached.

Continue reading →