April 29, 2024 at 11:27AM Kaiser Permanente notifies 13.4 million patients of a data breach involving exposure of personal information to third-party advertisers. The leaked data includes names, IP addresses, and health-related search terms, but not sensitive financial information. Following an internal investigation, the organization has removed tracking technologies and added safeguards to prevent future … Read more
April 29, 2024 at 10:29AM Financial Business and Consumer Solutions (FBCS) discovered unauthorized access to its network, impacting 1,955,385 individuals in the U.S. The breach accessed personal data like SSN and account info. FBCS is providing credit monitoring and enhancing security measures. No ransomware group has claimed responsibility. Recipients are urged to stay vigilant against … Read more
April 29, 2024 at 06:24AM The UK Competition and Markets Authority (CMA) has ongoing concerns about Google’s Privacy Sandbox advertising toolkit, leading to the postponement of dropping third-party cookies in Chrome until 2025. Google’s ad reinvention aims to balance privacy and competition, but regulators and industry rivals remain doubtful. The CMA’s report lists almost 80 … Read more
April 26, 2024 at 11:37AM Summary: The 9th Circuit Court of Appeals ruled that police lawfully used a suspect’s fingerprint to unlock his phone. This raises concerns about biometric privacy, especially for groups likely to interact with law enforcement. Experts recommend disabling biometrics when interacting with the police, citing legal ambiguities and the potential risk … Read more
April 26, 2024 at 05:38AM Kaiser Permanente, a major healthcare provider, revealed a data security breach affecting around 13.4 million individuals in the U.S. The leaked information, including personal and navigational data, was transmitted to third-party vendors through the organization’s websites and mobile apps. While sensitive details like usernames and financial information were not shared, … Read more
April 24, 2024 at 05:45AM Security vulnerabilities in cloud-based pinyin keyboard apps, discovered by Citizen Lab, could expose users’ keystrokes to exploitation. Weaknesses found in apps from major vendors affect close to one billion users. Critical flaws in encryption protocols allow adversaries to decrypt keystrokes passively. Most vendors have addressed the issues, but users are … Read more
April 23, 2024 at 01:39PM A Spanish judge has reopened a probe into suspected spying on the cellphone of Spain’s prime minister after receiving a request to collaborate with a similar investigation in France. The investigation involves the use of Pegasus spyware developed by the Israeli NSO Group, which has targeted over 1,000 people across … Read more
April 23, 2024 at 10:13AM UnitedHealth Group confirmed a ransomware attack in February, exposing PII and PHI of many Americans. Despite paying a $22 million ransom, the attacker released data. UnitedHealth reported partial functionality restoration and incurred $872 million in costs. $6 billion was allocated for impacted healthcare providers. Investigation and notifications to affected individuals … Read more
April 21, 2024 at 10:04PM MITRE revealed it was the victim of a cyber attack, despite its strong security measures. The Akira ransomware, deployed by Russian-linked groups, is still a threat, exploiting old vulnerabilities in Cisco software. Important security flaws, including sensitive data exposure and credentials theft, were discovered in various critical systems. Cerebral, an … Read more
April 19, 2024 at 09:48AM SecurityWeek’s cybersecurity news roundup offers a curated selection of significant developments, including incidents of backdooring attempts, increased funding for cybersecurity startups, and vulnerabilities in AI/ML supply chain. Additionally, it reports on legislative developments, cybercriminal activities targeting the automotive industry, and a Moldovan botnet operator’s indictment in the US. Based on … Read more