All Data Breach articles – Page 2
-
Premium
Shades of SolarWinds in lessons from MOVEit hack
A ransomware attack affecting some of the U.K.’s largest corporations has highlighted once again how exposed organizations can be if the levels of cybersecurity used by their third parties are not as strong as expected.
-
Premium
Verizon report: Lion’s share of data breaches linked to organized crime
About 83 percent of data breaches are perpetrated by external bad actors and not employees, with 70 percent of those breaches linked to organized crime groups with financial motives, according to the latest research.
-
News Brief
Ex-Uber security chief avoids prison in obstruction case
The former chief security officer of Uber Technologies was sentenced to probation by a federal court judge as punishment for his involvement in covering up a 2016 data breach that affected 57 million users.
-
News Brief
SEC orders Blackbaud to pay $3M for misleading ransomware disclosures
Software company Blackbaud agreed to pay $3 million to the Securities and Exchange Commission to settle claims it violated securities law by failing to disclose the true scope of a ransomware attack that affected 13,000 users.
-
News Brief
HHS reports: Compliance reviews, health data breaches up
The number of compliance reviews by the Department of Health and Human Services of health organizations increased between 2017 and 2021, according to the agency’s latest reports to Congress.
-
News Brief
Banner Health to pay $1.25M over HIPAA Security Rule lapses
Banner Health agreed to pay $1.25 million as part of a settlement with the Department of Health and Human Services addressing violations of the Health Insurance Portability and Accountability Act Security Rule regarding a 2016 data breach.
-
Premium
Cybersecurity challenges: Defense and disclosure
Experts share perspectives regarding the criticality of cybersecurity risks, what the response of management and boards should be, and how proposed disclosure requirements need to be incorporated into cyber-related responsibilities.
-
Premium
Study: Healthcare overtakes finance as most breached industry in 2022
Healthcare organizations were under attack more than ever by cybercriminals in 2022, overtaking finance as the most breached industry, according to the latest analysis from Kroll.
-
News Brief
Drizly data security to be monitored for 20 years under FTC order
Online alcohol retailer Drizly and its chief executive officer agreed to data security requirements and to be assessed by an independent monitor for up to 20 years as part of a final settlement with the Federal Trade Commission over a data breach that impacted 2.5 million consumers.
-
Article
Irish DPC probing Twitter over breach affecting 5.4M users
The Irish Data Protection Commission is investigating whether Twitter violated the European Union’s General Data Protection Regulation regarding a data breach alleged to have affected 5.4 million users.
-
Article
Abanca fined $3.3M for missing 2-hour breach reporting deadline
The European Central Bank fined Spanish bank Abanca €3.145 million (U.S. $3.3 million) after it “knowingly failed” to report a major cyber breach within the prescribed two-hour time limit.
-
Article
DOJ official addresses liability concerns stemming from Uber CSO case
Principal Associate Deputy Attorney General Marshall Miller called the conviction of a former Uber Technologies chief security officer on obstruction charges an “outlier” that should not discourage compliance officers from self-reporting violations.
-
Article
Australia privacy law proposal sets steep penalty mark for breaches
The Australian government is weighing stringent new privacy reforms that would establish among the steepest penalty regimes in the world—up to AUD$50 million (U.S. $33.5 million)—for serious or repeated breaches.
-
Article
SolarWinds under SEC probe for handling of 2020 cyberattack
SolarWinds revealed the Securities and Exchange Commission is examining cybersecurity disclosures and public statements the company and its executives made after its massive 2020 data breach caused by hackers backed by the Russian government.
-
Article
FTC places restrictions on CEO in Drizly enforcement proposal
The Federal Trade Commission announced a tentative settlement with online alcohol delivery platform Drizly and its chief executive officer regarding a data breach affecting 2.5 million consumers and the alleged lax security that allowed it to happen.
-
Article
ICO warns of ‘complacency’ in fining Interserve $5M under GDPR
The U.K. Information Commissioner warned companies not to ignore “crucial measures” to prevent cyber incidents following his office’s decision to fine construction firm Interserve £4.4 million (U.S. $5 million) for failing to secure employee personal information.
-
Article
EyeMed fined $4.5M over cybersecurity lapses that led to breach
EyeMed Vision Care agreed to pay $4.5 million as part of a settlement with the New York State Department of Financial Services for cybersecurity control failures that helped enable a 2020 data breach.
-
Article
Fashion retailer Zoetop to pay $1.9M over data breach response
Zoetop, parent company to online clothing retailers SHEIN and ROMWE, agreed to pay $1.9 million as part of a settlement with the New York Attorney General’s Office for failing to properly protect customer information compromised during a 2018 data breach.
-
Article
Ex-Uber security chief found guilty of obstructing FTC data breach probe
Joseph Sullivan, the former chief security officer of Uber Technologies, was found guilty of two felonies connected to allegations he covered up a massive data breach at the ridesharing company and misled federal regulators about Uber’s response.
-
Article
Samsung facing class action alleging CCPA violations over data breaches
Samsung collected too much personal data from customers and failed to adequately secure it, leading to two data breaches this year and potentially millions of harmed individuals, a class-action lawsuit alleges.