Security Awareness Training Blog

Data Breach Blog

Technical reporting and analysis on high-profile data breaches, how they happened, and how hackers are using the information mined from breaches.

Myth of Massive Data Breach Busted: Big Headlines Mask a Minor Threat

Ok, I'll admit it, I was swept up in the moment last week and wrote a short blog post that more or less summarized the tsunami of news about that huge data breach initially reported by ...
Continue Reading

New ASD Cyber Threats Report Shows A Cybercrime Incident Is Reported in Australia Every Six Minutes

The annual Cyber Threat Report by the Australian Signals Directorate (ASD) was released this week, containing insights that every Australian business and citizen should read. The ASD ...
Continue Reading

AP Stylebook Data Breach Compromises Customer Personal Information

The Associated Press (AP) has disclosed a data breach affecting the legacy AP Stylebook website that led to phishing attacks against impacted customers, BleepingComputer reports.
Continue Reading

Data Breaches Involving Social Engineering Attacks Take Longer to Identify and Contain

Continuing coverage of IBM’s recently-released Cost of a Data Breach report, we focus on the impact attacks involving social engineering have on data breach costs.
Continue Reading

Phishing Tops the List as the Most Costly Initial Attack Vector in Data Breaches

After you come to grips with the massive average cost of a data breach to an enterprise organization measured in the millions, it’s time to look at the factors that increase – and lower – ...
Continue Reading

Data Breach Costs in Healthcare Rise 53% to More than Double the Average

It appears that one of the most regulated industries also holds the title for the highest average data breach costs – coming in at just under $11 million per breach.
Continue Reading

New IBM report reveals the cost of a data breach now tops $4.45 million

IBM Security has released its annual Cost of a Data Breach Report, revealing that the global average cost of a data breach reached $4.45 million in 2023. This marks a significant increase ...
Continue Reading

The Number of Data Compromises Jumps 50% in H1 2023, Outpacing Every Year on Record

New data from the Identity Theft Resource Center (ITRC) covering the first half of this year shows a significant rise in the number of successful cyber attacks focused on stealing ...
Continue Reading

Verizon: Pretexting Now Tops Phishing in Social Engineering Attacks

The New Verizon DBIR is a treasure trove of data. As we covered here, and here, people are one of the most common factors contributing to successful data breaches. Let’s drill down a bit ...
Continue Reading

Verizon: 74% of Data Breaches Involve the “Human Element”

People are one of the most common factors contributing to successful data breaches. Let’s dive in deeper into the latest Verizon Data-Breach Investigations Report (DBIR) to find out how ...
Continue Reading

Protecting Patient Data: The Importance of Cybersecurity in Healthcare

As digital transformation continues to shape the healthcare industry, it is crucial for healthcare organizations to prioritize cybersecurity. These organizations are entrusted with ...
Continue Reading

Organizations Have No Idea of a Data Breach’s Root Cause in 42% of Reported Cases

New data shows how poorly organizations are at identifying – let alone removing – an attacker's foothold, putting themselves at continued risk of further attacks and data breaches.
Continue Reading

Nearly One-Half of IT Pros are Told to Keep Quiet About Security Breaches

At a time when cyber attacks are achieving success in varying degrees and IT pros are keeping quiet about resulting breaches, there is one specific type of attack that has them most ...
Continue Reading

Latitude Forced To Stop Adding New Customers in Aftermath of Breach

Looks like Latitude Finance is trying to give consumers more "latitude" in their exposure to cyber risks. The Australian finance company admittedly fell victim to an attack that has ...
Continue Reading

[Eyes Only] New Deepfake Pr0n Site Visits Skyrocket

This is a disgusting topic. It's also a very high social engineering risk. I will keep this post safe-for-work, which is not easy. NBC news just reported on the deepfake economy surging ...
Continue Reading

New Modular Attack Chain Found That Allows Attackers to Change Payloads Mid-Breach

We’ve long known developers of cyberattacks to be crafty and focus a lot of energy on obfuscation, but a new attack can shift gears midstream, delivering just the right malware.
Continue Reading

[Eye Opener] Work In IT? You Get Attacked Much More Than Other Employees

We received an interesting email from Elevate Security you need to be aware of. Their recent research showed: "Social engineering attacks are growing more sophisticated every day, ...
Continue Reading

Recent Optus Data Breach Teaches the Importance of Recognizing Social Engineering

Optus, one of Australia's largest telecommunications companies, recently suffered a data breach that affected over 9.8 million customers.
Continue Reading

Phishing-Based Data Breaches Take 295 Days to Contain and Breach Costs Soar to $4.91 Million

Fresh data on data breach costs from IBM show phishing, business email compromise, and stolen credentials take the longest to identify and contain.
Continue Reading

All it Takes is “Free” Beer to Steal Your Personal Data

A recent phishing scam impersonating the Heineken beer brand demonstrates how very little effort is needed by scammers to convince victims to give up all kinds of personal information.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews