Articles about Data Breach

A new report looking at the long-tail impact data breaches have on a brand's value shows that the world's 100 most valuable brands could lose as much as $223 billion from a data breach.

The study from IT consulting firm Infosys and brand consultancy Interbrand looks at the brand factors most impacted when a company suffers a data breach -- presence, affinity, and trust -- and simulates the resulting brand value at risk in the event of a breach.

Continue reading →

The number of publicly reported breach events decreased by 48 percent in 2020. However, more than 37 billion records were compromised, an increase of 141 percent.

A report released today by Risk Based Security reveals that this is by far the most records exposed in a single year since the company began reporting in 2005.

Continue reading →

It is a few months since Nitro PDF was hit by hackers in a huge data breach. While the stolen data was initially put up for sale, now it has been made available free of charge.

What this means is that a database containing over 77 million user records is now freely available for just about anyone to download. The database weighs in at around 14GB and includes not only names and email addresses, but also passwords.

Continue reading →

From January through October 2020 there have 730 publicly disclosed events resulting in over 22 billion records exposed worldwide according to a new report from Tenable's Security Response Team (SRT).

Of breaches analyzed 35 percent were linked to ransomware attacks, resulting in major financial cost, while 14 percent of breaches were the result of email compromises.

Continue reading →

The popular game Animal Jam, enjoyed by millions of children around the world, has advised parents of a hack which has exposed the personal details of 46 million account records.

The company behind Animal Jam, WildWorks, has issued a warning that details revealed in the attack include 7 million email addresses used to create accounts, and 32 million player usernames. A proportion of the 46 million accounts affected have had full name and billing address details exposed.

Continue reading →

While companies are getting better at protecting their customers’ personal and sensitive information, their focus on security training has declined in the last year according to a new report.

The study from information security service Shred-it shows that 83 percent of consumers say they prefer to do business with companies who prioritize protecting their physical and digital data, so the decline in training risks losing custom as well as security breaches.

Continue reading →

Personal data management software specialist Dataguise is launching a new system that enables organizations to report the impact of a data breach faster and more accurately than ever before.

GDPR requires reporting of breaches within 72 hours of becoming aware, and notifying affected individuals without delay. Dataguise is able to extrapolate the number of unique data elements in a data set quickly, with greater than 90 percent accuracy, using a patent-pending approach based on neural network technologies.

Continue reading →

Although reports of data breaches are down 52 percent in the first half of this year, the number of records exposed over the same period has soared to 27 billion.

The latest Data Breach Report from Risk Based Security shows 2,037 publicly reported breaches from January to June, a 52 percent decrease compared to the first six months of 2019 and 19 percent below the same time period for 2018.

Continue reading →

Have I Been Pwned is unquestionably the best way to discover if your email address has been leaked in a data breach. The site can also check any passwords you use to see if they appear on the web and it can be fun entering some common choices to reveal how often they’ve been leaked. "Password", for example, has appeared in data breaches 3.7 million times, while "123456" crops up a whopping 23.5 million times.

The service is used in numerous third-party tools too, including Spybot Identity Monitor and 1Password. Have I Been Pwned is the work of Troy Hunt, and after failing to sell it earlier in the year, he has decided to take the step of opening source the code base in a quest for a more sustainable future.

Continue reading →

Companies with the worst privacy practices are 80 percent more likely to experience a data breach according to a new study.

Data privacy platform Osano used its evaluation framework to measure the privacy practices of the top 10,000 websites against 163 different factors to develop an Osano Privacy Score.

Continue reading →

An unprotected database belonging to the VPN service UFO VPN was exposed online for more than two weeks. Contained within the database were more than 20 million logs including user passwords stored in plain text.

User of both UFO VPN free and paid services are affected by the data breach which was discovered by the security research team at Comparitech. Despite the Hong Kong-based VPN provider claiming to have a "strict no-logs policy" and that any data collected is anonymized, Comparitech says that "based on the contents of the database, users' information does not appear to be anonymous at all".

Continue reading →

Twitter has emailed an unknown number of users to warn them of a security incident that took place some time prior to May 20 this year.

The company says that personal and billing information of people who used the Ads or Analytics pages on the Twitter site may have been affected. Twitter says that the vulnerability has now been addressed, but has emailed users to explain the circumstances of the incident.

Continue reading →

Cybercriminals exposed more than five billion records in 2019, costing over $1.2 trillion to US organizations. Added to the 2.8 billion records that were exposed in 2018, this means breaches over the last two years have cost US organizations over $1.8 trillion.

This is one of the findings of the latest Consumer Identity Breach Report from ForgeRock, which shows a dramatic increase in the number of breaches.

Continue reading →

A new survey finds that 79 percent of companies experienced at least one cloud data breach in the past 18 months, and close to half (43 percent) reported 10 or more breaches.

The study for cloud access risk security company Ermetic conducted by IDC  covered 300 CISOs and finds that security misconfiguration (67 percent), lack of adequate visibility into access settings and activities (64 percent) and identity and access management (IAM) permission errors (61 percent) are the top concerns associated with cloud production environments.

Continue reading →

According to a new survey, 79 percent of organizations have experienced an identity-related breach in the last two years, while 94 percent report having had one at some point.

The study from the The Identity Defined Security Alliance (IDSA), based on a survey of over 500 IT security and identity decision makers conducted by Dimensional Research, finds that 66 percent say phishing is the most common cause of identity-related breaches, while 99 percent believe their breaches were preventable.

Continue reading →