This week: Amazon settled privacy and cybersecurity investigations with the U.S. FTC, SAS received a $3 million extortion demand and apparently Ukrainian hacktivists penetrated Russia's Skolkovo Foundation. Plus, breaches at Onix Group and Toyota and a warning about Salesforce "ghost sites."
A community hospital and its clinics in rural Idaho are diverting ambulances and some patients to other facilities as the entities recover from a cyberattack discovered on Monday. The incident spotlights ongoing healthcare sector cyber challenges, especially in rural communities.
Online sports retailer Sports Warehouse has agreed overhaul its security program and pay a $300,000 fine to New York State after hackers stole 20 years' worth of payment card data and customer information the company was storing in plaintext on its e-commerce server.
Check fraud is back although, technically, it never went away. Today, cybercrime groups are openly hawking fraudulent check schemes on the Telegram messaging app. Check fraud is easier and more accessible, and it’s back in the headlines. Experts say banks need to adopt new solutions to curb losses.
Federal regulators are aiming to protect patient information shared on websites. It's increasingly important for healthcare sector entities to take a careful and proactive approach in how they are using website tracking and analytics technologies, said Lokker CEO and privacy expert Ian Cohen.
Britain's privacy watchdog has seen a surge in data breach reports from outsourcing giant Capita's customers tied to two incidents: a March hack attack by a ransomware group against Capita and one of the company's Amazon Web Service buckets being left unsecured for six years.
In the days between May 19 and May 25, the spotlight was on flaws in Barracuda Networks Email Security Gateway appliances, another GoAnywhere data breach that affected Franklin Templeton Canada and an American teenager out on bail and facing federal charges for hacking DraftKings accounts.
Breach notifications from British outsourcing giant Capita mount amid signs the multibillion-pound company doesn't have a firm grip on how much data it exposed. For a company that trumpets its ability to "achieve better outcomes," Capita's inability to grasp the impact of its breaches is ironic.
In the latest weekly update, four ISMG editors discuss the mounting fallout from the March hack of Capita and accompanying data breach, the comprehensive crypto regulation adopted by the EU, and Crosspoint Capital's agreement to purchase Absolute Software for $657 million.
In this week's data breach roundup: the Philadelphia Inquirer, Swiss multinational ABB, French electronics manufacturer Lacroix, the U.S. Department of Transportation employee data and more. Dallas is still recovering from a ransomware attack and researchers infiltrated a ransomware group.
Developing a cyber resilience playbook is a continuous process that demands constant enhancement, rather than a one-time input. By beginning with targeted action items and progressively expanding upon them, organizations can make every conceivable recovery scenario more manageable.
Gaurav Gupta from MeiTY, India, recommends that CIOs and CISOs should initiate their digital forensics readiness journey in advance by training first responder employees to prevent any evidence contamination. Gupta emphasized that data created will always remain.
Toyota on Friday disclosed that it exposed online for a decade car location data belonging to more than two million Japanese customers. The data by itself cannot be used to identify individual car owners, the carmaker said. Also exposed: video taken outside the vehicle with an onboard recorder.
In this week's data breach, the spotlight was on Dragos, a guilty plea from a Twitter hacker and cryptocurrency thief and North Korean hackers. Also, Sysco, a Ukrainian border truck queuing system and an update on Western Digital. Plus, a new tool for decrypting partially encrypted files.
In the annals of attempting to downplay the impact of a data breach, here's a new one: British outsourcing giant Capita says the hackers who hit it - steling data pertaining to customers, suppliers and employees - accessed "less than 0.1% of its server estate."