Articles about Data Breach

According to a new report, 80 percent of insured companies that have suffered a data breach didn't have sufficient coverage for the incident.

The study, from cybersecurity optimization platform CYE, finds the average coverage gap is 350 percent, which means that more than 75 percent of the incident was not covered.

Continue reading →

With so many data breaches having taken place it's almost inevitable that at least some of your personal information has been exposed online. But finding out exactly what can be tricky.

Malwarebytes is launching a new web portal that gives individuals deep visibility into their exposed personal information, so anyone can easily see where and when a breach compromised their data, types of data exposed, and specific personal data for sale on the dark web.

Continue reading →

According to the latest threat research from SecurityScorecard, 21 percent of S&P 500 companies experienced breaches in 2023.

The report shows that 25 percent of these breaches impacted financial services and insurance companies. Financial institutions have some of the most robust security programs because they have substantial money and assets. But the interconnected nature of the financial sector means that compromising one institution or commonly used product can lead to broader impacts across the entire industry.

Continue reading →

Last year saw a 34.5 percent year-on-year increase in reported data breach incidents, with over 17 billion records compromised according to a new report from Flashpoint.

This trend looks set to continue as the first two months of 2024 alone saw a massive 429 percent spike in stolen or leaked personal data compared to the same period in the previous year.

Continue reading →

A rise in identity-based attacks can be laid at the door of a rapid increase in malware, according to a new report. Analysis by SpyCloud finds that 61 percent of data breaches in 2023, involving over 343 million stolen credentials, were infostealer malware-related.

Researchers also report that the average identity had a one in five chance of already being the victim of an infostealer infection. Infostealer malware enables criminals to collect vast amounts of information about the user and the device, including a user's session cookies, API keys and webhooks, crypto wallet addresses, and more.

Continue reading →

A new survey of 150 IT security and data science leaders shows that 98 percent of enterprises consider at least some of their AI models crucial to their business success, and 77 percent identified breaches to their AI in the past year.

Yet the study from HiddenLayer shows only 14 percent of IT leaders say their respective companies are planning and testing for adversarial attacks on AI models.

Continue reading →

As cybercrime continues to increase, organizations must consider actions to improve their cyber security and cyber resilience. There are constantly new ransomware and data breach headlines hitting the news, and, according to research, a company falls victim to a cyberattack every 39 seconds.

To bolster cybersecurity, organizations must maintain constant awareness, and they should regularly update systems, encrypt and backup data. Cyber security is an ongoing action, it requires constant vigilance as cybercriminals are always looking for new ways to exploit systems and steal data. In addition, 85 percent of all organizations consider their data as one of their most valuable assets, and hackers also share this view. Ransomware is not a problem that is going to go away on its own, especially as it continues to be very profitable for criminal cyber gangs. Having said that, there are many things that you and your organization can do to mitigate against becoming another victim of cyber crime.

Continue reading →

Businesses rely heavily on technology to drive operational efficiency. While this has benefits, it also brings with it challenges and risks, particularly in the realm of cybersecurity. As cyber threats continue to be a persistent concern for businesses there has been a marked surge in demand for cyber insurance as companies recognize the importance of financial protection in the face of data breaches, ransomware attacks, and other cybersecurity incidents. However, as the threat landscape evolves, so does the landscape of cyber insurance, with insurers raising the bar on their security requirements. 

While this is a concern for businesses that want to ensure that they are insured against potential security risks, there are a few considerations that can help improve their risk profile ahead of a potential breach or attack. Fundamental to this is cyber resilience within the broader framework of operational resilience.

Continue reading →

Researchers at Cybernews have uncovered a huge data leak which could potentially put the entire population of Brazil at risk.

They uncovered a publicly accessible Elasticsearch instance which contained more than 223 million records-worth of private data belonging to Brazilian individuals -- the country's current population is only around 217 million.

Continue reading →

APIs are unseen. They are not typically a technology that end users interact with directly and are somewhat hidden from their day-to-day activities. Therefore, user understanding of API vulnerabilities and the impact an API security incident could have, when it comes to data breaches, is often lacking.

While data breaches are big news, what regularly isn’t reported is the way in which some of these incidents happen. But the reality is that for many data breaches, the weak links, more often than not, are APIs and improper security around those APIs.

Continue reading →

Following a cloud breach, the top three worries of businesses are reputational damage and loss of public trust (39 percent); loss of sensitive data (36 percent); and a loss of revenue generating services (35 percent).

A new report from Illumio, based on a survey of 1,600 IT and security decision makers by Vanson Bourne, finds that in the last year, nearly half of all data breaches (47 percent) originated in the cloud, and more than six in 10 respondents believe cloud security is lacking and poses a severe risk to their business operations.

Continue reading →

Interconnected digital technology advances at a rapid pace, and so do the tactics and strategies employed by malicious individuals, criminal groups, and even nation-states. The World Economic Forum predicts global cybercrime will reach $10.5 trillion by 2025, forcing businesses and governments to look for next-generation solutions against emerging digital threats.

Unfortunately, deliberate criminal activity is only part of the challenge in this data-driven era. Costly leaks of sensitive data might happen due to simple human errors -- in September, Microsoft’s data was leaked two times, not only disclosing the company’s plans for the next-gen Xbox but also exposing private employee data. As we already know, at least one of these events happened due to an accidentally misconfigured URL link.

Continue reading →

It’s no secret that cybersecurity has a significant skills shortage. According to ISC2 research, the worldwide shortage is as high as 3.4 million cybersecurity workers. As a result, security professionals’ skills are in very high demand, making finding and retaining talent challenging. Swimlane’s own research shows that 82 percent of organizations report it takes three months or longer to fill a cybersecurity role, with 34 percent reporting it takes seven months or more.

The situation isn’t improving either. Some 70 percent of companies also report that it takes longer to fill a cybersecurity role now than it did two years ago. The challenge has led one-third (33 percent) of organizations to believe they will never have a fully-staffed security team with the proper skills, according to Swimlane’s survey

Continue reading →

Swap-unwanted-stuff-for-free site Freecycle has acknowledged a security breach that took place at the end of last month. Hackers were able to access a wealth of data including usernames, User IDs, email addresses and passwords.

The organization says that it has notified the "appropriate US authorities" of the incident, as well as the Information Commissioner's Offier (ICO) in the UK. Few details of what happened have been revealed, but Freecycle is advising all members to change their account passwords as a security measure.  

Continue reading →

Among organizations that have suffered data breaches, 58 percent were caused by avoidable issues related to digital certificates.

New research conducted by Forrester for AppViewX also shows that as a result of service outages 57 percent say their organizations have incurred costs upwards of $100,000 per outage.

Continue reading →