May 31, 2024 at 03:49PM The BBC confirmed a breach compromising personal information of its pension scheme members. Threat actors copied files from a cloud-based storage containing names, national insurance numbers, and addresses. The BBC assured that the incident source was secured, and specialists found no misuse of the affected files. Investigation is ongoing, with … Read more
May 31, 2024 at 04:49AM The BBC has informed current and former employees about a data breach involving files storing information on BBC Pension Scheme members. Information including names, National Insurance numbers, addresses, and dates of birth was accessed, impacting over 25,000 individuals. The BBC stated there is no misuse evidence and no impact on … Read more
May 28, 2024 at 06:29PM Sav-Rx informed 2.8 million individuals of a potential data breach, which occurred over seven months ago. The company discovered an IT intrusion in October, restored systems, and initiated an investigation, revealing unauthorized access to personal information. Affected data may include names, social security numbers, and more. Sav-Rx offers free credit … Read more
May 28, 2024 at 11:12AM The security industry faces vulnerabilities from software/hardware weaknesses to disinformation and policy interference at an industry level, eroding trust and overloading security teams. Government requirements, industry power imbalances, and profit-driven models influence security negatively. Industry standards, government guidance, and deceptive actors pose additional challenges, exacerbated by AI technologies. Security professionals … Read more
May 24, 2024 at 09:59AM In October 2023, the SEC filed a landmark lawsuit against SolarWinds Corp. and its CISO, Timothy Brown, over alleged false statements about cybersecurity. CISOs should enhance communication with financial teams, ensure all statements are rigorously reviewed, maintain top-notch security policies, collaborate with assurance providers, and seek legal counsel amidst evolving … Read more
May 24, 2024 at 09:51AM Threat actors are using fake websites posing as legitimate antivirus solutions like Avast, Bitdefender, and Malwarebytes to distribute malware targeting Android and Windows devices. The malware can steal sensitive information. The firms also observed a new Android banking trojan called Antidot, posing as a Google Play update, to facilitate information … Read more
May 20, 2024 at 04:11PM Deepfakes are now the second most common cybersecurity incident for US businesses, with over a third experiencing such incidents in the last year. Managing third-party vendor risk is a major challenge, and financial allocations for securing supply chain connections are set to increase. While AI and ML are seen as … Read more
May 16, 2024 at 05:54PM The cybersecurity industry faces challenges with data integration, collaboration, and customer security. Vendors’ hypercompetitive dynamic results in complexity, while new technology increases vulnerability. Collaboration, shared standards, greater data control, and investment in cross-technology integration are essential steps to improve network defense without compromising business health. Cooperation within the industry against … Read more
May 16, 2024 at 05:16PM Santander, a Spanish bank, experienced a data breach from a third-party provider, impacting customers in Chile, Spain, and Uruguay. The bank quickly blocked access to the compromised database and implemented fraud prevention measures. External breaches are becoming a common issue for financial institutions, highlighting the need for proactive risk assessment … Read more
May 13, 2024 at 10:19AM The Post Millennial and Human Events were hacked, exposing data of writers, editors, and subscribers. Have I Been Pwned added this data, including names, email addresses, passwords, and more, to their breach notification service. The source of the data is unclear. The affected sites have not issued statements, so subscribers … Read more