All Data Breach articles
-
News BriefNew cybersecurity requirements fast approaching for New York financial firms
Many financial firms have mere days to notify New York about whether they have complied with the state’s strict cybersecurity regulations, and to gear up for new requirements rolling out May 1 and beyond.
-
News BriefT-Mobile reaches $31.5M settlement with FCC over multiple data breaches
T-Mobile, which experienced three huge data breaches in the past three years, agreed to pay $31.5 million in penalties and remediation for failing to protect millions of its customers’ personal information as part of a settlement with the Federal Communications Commission.
-
PremiumAI can help reel in ‘unsustainable’ breach costs, IBM report finds
The global average cost of a data breach jumped to an all-time high for the second year in a row, but companies can reel in the ballooning drag on profits by adopting artificial intelligence, according to an IBM report.
-
News BriefDOJ orders consultants to pay $11.3M total for cyber rule violations
Guidehouse and Nan McKay and Associates will pay a total of $11.3 million to the Department of Justice (DOJ) to settle allegations that cybersecurity failures led to the theft of client personal information during the height of the COVID-19 pandemic.
-
News BriefSEC amends Reg S-P to require data breach notification within 30 days
The Securities and Exchange Commission will require broker-dealers and registered investment advisers to adopt written policies and procedures for handling data breaches of customer data and notify affected customers within 30 days.
-
PremiumReport: Human error driving growing number of data breaches
Verizon’s annual data breach report shows trends in cybersecurity incidents, including more ransomware and extortion attacks last year.
-
News BriefAT&T: Data leak exposed info of 73M customers onto dark web
AT&T said personal account data on approximately 73 million current and former customers was released on the dark web two weeks ago but has not yet identified when and where the breach occurred.
-
News BriefItalian DPA fines UniCredit $3M over data breach GDPR lapses
The Italian data protection authority announced a fine of €2.8 million (U.S. $3 million) against UniCredit for alleged violations of the General Data Protection Regulation regarding insufficient security measures the bank had in place during a cyberattack.
-
PremiumExperts: Good data breach response grounded in preparation
Two chief compliance officers and an attorney discussed preparation for the “when, not if” threat of a data breach during a panel at CW’s Cyber Risk & Data Privacy Summit.
-
News BriefFTC tweaks Safeguards Rule to address data breaches
Nonbank financial institutions must report certain data breaches to the Federal Trade Commission within 30 days of discovery under a new amendment to the agency’s Safeguards Rule.
-
PremiumRisk models show finance, real estate most likely to face costly cyber events
The finance and real estate industries are at higher risk of experiencing a high-cost material cybersecurity incident, compared to other sectors, according to new research from risk modeling firm Kovrr based off data from U.S. Fortune 1,000 companies.
-
News BriefBlackbaud settles with states for $49.5M over 2020 data breach
Software company Blackbaud agreed to pay $49.5 million in a multistate settlement addressing charges related to a 2020 cyberattack that exposed the personal data of approximately 13,000 consumers.
-
News BriefFCA fines Equifax’s U.K. unit $13.3M over 2017 data breach
The Financial Conduct Authority fined Equifax’s U.K. unit more than £11 million (U.S. $13.3 million) regarding the company’s 2017 data breach that affected approximately 13.8 million U.K. consumers.
-
News BriefMGM discloses $100M hit from cyberattack
MGM Resorts International said it expects to take a $100 million hit as part of the fallout of a cyberattack that has most significantly impacted its Las Vegas operations.
-
Resourcee-Book: Risks, opportunities under SEC’s cyber incident disclosure rule
The clock is ticking for public companies to put in place policies and practices to meet the requirements of the Securities and Exchange Commission’s newly approved cybersecurity incident disclosure rule.
-
PremiumIBM report: Data breach costs at all-time high; AI helping detection
The global average cost of a data breach reached a new all-time high of $4.45 million in 2023, according to IBM’s annual report.
-
PremiumGrowing list of MOVEit hack victims shows damage control difficulties
More than 130 organizations are believed to have been impacted by the MOVEit hack, with millions of people’s data at risk. Experts opine on the struggles businesses face in containing exposure.
-
PremiumSEC’s Grewal spotlights enforcement focus on cyber disclosures
The No. 1 priority at the Securities and Exchange Commission after organizations are impacted by a cybersecurity incident is that investors receive timely and accurate disclosures, according to Enforcement Division Director Gurbir Grewal.
-
News BriefAPRA pressures Medibank on cyber enhancements post-breach
The Australian Prudential and Regulation Authority will require Medibank Private to hold 250 million Australian dollars (U.S. $166 million) in extra capital until the insurer remediates identified cybersecurity weaknesses after a significant data breach.
-
PremiumNAVEX report: Driven by cyber threats, infosec compliance top of mind
Compliance teams are taking more responsibility for issues related to information security and data privacy, motivated by increasing threats posed by data breaches and cyber intrusions, according to a new survey from NAVEX.