UK’s Sellafield nuke waste processing plant fined £333K for infosec blunders

October 5, 2024 at 02:16AM

Sellafield Ltd, responsible for managing the world’s most radioactive waste, received a £332,500 fine for cybersecurity failings from 2019 to 2023. Despite no reported exploitation of vulnerabilities, the poor practices violated regulations, leaving its IT systems vulnerable. Sellafield pleaded guilty and was penalized by a UK court. Key Takeaways from …

Shoddy infosec costs PwC spinoff and NMA $11.3M in settlement with Uncle Sam

June 17, 2024 at 07:52PM

Two consulting firms, Guidehouse and Nan McKay and Associates, agreed to pay a total of $11.3 million to settle allegations of cybersecurity failings in the rollout of COVID-19 assistance. The fines were split with Guidehouse paying $7.6 million and NMA $3.7 million. The firms failed to perform required cybersecurity testing, …

US senator claims UnitedHealth’s CEO, board appointed ‘unqualified’ CISO

May 31, 2024 at 05:34PM

Senator Ron Wyden criticized UnitedHealth Group’s CEO for appointing an allegedly unqualified CISO, whom he believes contributed to the company’s recent ransomware attack. Wyden called for an investigation into the company’s failures, citing issues with its CISO’s background, lack of security measures, and a history of negligence. He urged the …

In Other News: Moscow Sewage Hack, Women in Cybersecurity Report, Dam Security Concerns

April 12, 2024 at 10:36AM

SecurityWeek’s cybersecurity news roundup provides a concise summary of noteworthy stories that may not receive full articles but are essential for understanding the cybersecurity landscape. This week’s topics include Russia’s attempts to sabotage European railways, a Nigerian national pleading guilty in a BEC scheme, and critical vulnerabilities in various systems. …