October 29, 2024 at 02:00PM Free, France’s second-largest ISP, reported a cyberattack that compromised internal management tools and customer data, affecting over 19 million accounts. The hacker attempted to sell stolen data on the Dark Web. Free confirmed no sensitive information was compromised and has notified affected customers while filing a criminal complaint. **Meeting Takeaways: … Read more
October 17, 2024 at 10:39AM Globe Life reported an extortion attempt by an unknown threat actor who demanded payment to prevent the release of stolen data from earlier this year. The breach could affect over 5,000 customers of its subsidiary, American Income Life Insurance Company. However, the company claims operations and financials remain largely unaffected. … Read more
September 30, 2024 at 06:05PM T-Mobile US has agreed to pay a $31.5 million settlement after a series of cybersecurity breaches affecting millions of customers. The agreement requires the company to invest in its information security program, including appointing a chief information security officer, implementing a zero-trust security framework, and conducting third-party security assessments. The … Read more
September 17, 2024 at 01:38PM The FCC reached a $13 million settlement with AT&T over a 2023 data breach involving 9 million wireless accounts. The breach exposed customer information, including CPNI data. AT&T also agreed to strengthen its data protection practices and implement an Information Security Program. Additionally, AT&T faced another data breach in 2024, … Read more
September 6, 2024 at 03:52PM Transport for London (TfL) reported limited system and email access following a cyberattack, prompting collaboration with government agencies. Despite inaccessible refund services and journey history, TfL assures normal public transport operations. Customer data security is a concern, with temporary disruptions addressed and potential unauthorized system access identified. Essential transport services … Read more
July 13, 2024 at 02:33AM AT&T confirms data breach affecting nearly all wireless customers and MVNOs, compromising call and text records containing interaction details and phone numbers. Threat actors may use stolen data for illicit purposes. AT&T vows to notify affected customers and is working with law enforcement. Third-party cloud provider compromised, linked to other … Read more
July 2, 2024 at 05:30PM A ransomware attack on a financial services provider has reverberated across its partners, leading to potential exposure of customer data. The attack, launched by the LockBit group, targeted Evolve Bank & Trust, compromising customer information. This has rippled through multiple companies, including Wise and Affirm, prompting investigations and concerns among … Read more
June 4, 2024 at 10:14AM An API authorization-bypass flaw in Cox Communications’ infrastructure exposed millions of business customer devices to attacks. Independent bug researcher Sam Curry identified and reported the issue, leading to a prompt fix by the provider. Potential risks included unauthorized access to customer information, Wi-Fi passwords, and connected devices. The vulnerability highlighted … Read more
May 17, 2024 at 01:42PM Slack’s privacy controversy arises from scraping customer data, including messages and files, for AI/ML model development without user opt-in. Despite assurances, Slack admins are seeking to opt-out of data scraping. While Slack insists on technical controls, CISOs argue customers should not bear this burden. Slack assures platform-level ML model transparency … Read more
April 29, 2024 at 10:00AM Businesses urgently adopt new technology to meet customer demands, but this poses cybersecurity risks. A proactive approach integrating cybersecurity defenses with new technology implementation is essential. CEOs invest in AI and cloud solutions to enhance customer experience but often neglect cybersecurity, leaving businesses and customers vulnerable. Integrated cybersecurity measures improve … Read more