#IdentityProtection

Okta warns of credential stuffing attacks targeting its CORS feature

by

May 29, 2024 at 11:48AM Okta warns of ongoing credential stuffing attacks targeting Customer Identity Cloud (CIC) cross-origin authentication feature since April. The company has identified affected endpoints and advised customers to review logs for specific events, rotate compromised user credentials, and implement passwordless, phishing-resistant authentication. Okta is offering further support through its Customer Support … Read more

Personal Information of 44,000 Compromised in First American Cyberattack

by

May 29, 2024 at 06:36AM First American Financial Corporation disclosed a cyberattack compromising personal information of 44,000 individuals, impacting its subsidiaries. The company took systems offline for containment and later restoration. It informed SEC of the data breach and pledged to notify affected individuals, offer credit monitoring, and didn’t disclose the ransomware gang or payment … Read more

First American December data breach impacts 44,000 people

by

May 28, 2024 at 06:29PM First American Financial Corporation, the second-largest US title insurance company, reported a December cyberattack impacting 44,000 individuals. The California-based company, founded in 1889, offers financial and settlement services to real estate professionals. This breach came a month after settling a 2019 hack and is similar to recent incidents in other … Read more

Cencora data breach exposes US patient info from 11 drug companies

by

May 25, 2024 at 07:33PM Several pharmaceutical companies were affected by a security breach at Cencora, a pharmaceutical services provider, resulting in the exposure of sensitive personal data. Companies impacted include Novartis, Bayer, AbbVie, and others, who are issuing data breach notifications and providing identity protection services to affected individuals in response to the breach. … Read more

Cencora data breach exposes US patient info from 8 drug companies

by

May 24, 2024 at 11:48AM Cencora, a pharmaceutical services provider, suffered a data breach in February 2024 due to a cyberattack, compromising personal data of patients and medication information. This incident has affected major pharmaceutical companies in the US. Cencora has offered affected individuals two years of free identity protection and credit monitoring services. The … Read more

Singing River Health System: Data of 895,000 stolen in ransomware attack

by

May 14, 2024 at 04:13PM Singing River Health System reported a ransomware attack impacting 895,204 individuals. The health provider, with over 3,500 staff, operates multiple hospitals and other facilities in Mississippi. The breach exposed personal and medical data, attributed to the Rhysida ransomware gang. Affected persons are urged to enroll in credit monitoring, be cautious … Read more

University System of Georgia: 800K exposed in 2023 MOVEit attack

by

May 8, 2024 at 05:56PM The University System of Georgia (USG) is sending data breach notifications to 800,000 individuals exposed in the 2023 Clop MOVEit attacks. The breach impacted sensitive information, including social security numbers, and USG is offering identity protection and fraud detection services through Experian until July 31, 2024. The incident highlights the … Read more

Dropbox dropped the ball on security, haemorrhaging customer and third-party info

by

May 1, 2024 at 09:02PM Dropbox has disclosed a significant security breach affecting its eSignature service, Dropbox Sign. Unauthorized access exposed user data such as emails, usernames, and some authentication information. Fortunately, no evidence indicates access to user content or payment details. Dropbox assures that the incident has not affected its financials and is actively … Read more

UnitedHealth confirms it paid ransomware gang to stop data leak

by

April 23, 2024 at 10:30AM UnitedHealth Group paid a ransom to cybercriminals following the Optum ransomware attack in February, which caused significant disruptions to healthcare services. The attack led to 6TB of sensitive patient data being stolen, with ransom payments totaling $22 million. The company has confirmed a data breach incident and is providing support … Read more

180k Impacted by Data Breach at Michigan Healthcare Organization

by

April 18, 2024 at 07:45AM Cherry Street Services (Cherry Health) has notified over 180,000 individuals about a ransomware attack that compromised personal information. The incident, occurring on December 21, 2023, disrupted systems and involved file-encrypting ransomware. The compromised information includes names, Social Security numbers, treatment and prescription details, and financial account information. Cherry Health is … Read more