Security Awareness Training Blog

Data Breach Blog

Technical reporting and analysis on high-profile data breaches, how they happened, and how hackers are using the information mined from breaches.

View Topics

Organizations Have No Idea of a Data Breach’s Root Cause in 42% of Reported Cases

Apr 27, 2023 8:07:38 AM By Stu Sjouwerman
New data shows how poorly organizations are at identifying – let alone removing – an attacker's foothold, putting themselves at continued risk of further attacks and data breaches.
Continue Reading

Nearly One-Half of IT Pros are Told to Keep Quiet About Security Breaches

Apr 20, 2023 8:21:59 AM By Stu Sjouwerman
At a time when cyber attacks are achieving success in varying degrees and IT pros are keeping quiet about resulting breaches, there is one specific type of attack that has them most ...
Continue Reading

Latitude Forced To Stop Adding New Customers in Aftermath of Breach

Apr 3, 2023 2:32:00 PM By Javvad Malik
Looks like Latitude Finance is trying to give consumers more "latitude" in their exposure to cyber risks. The Australian finance company admittedly fell victim to an attack that has ...
Continue Reading

[Eyes Only] New Deepfake Pr0n Site Visits Skyrocket

Mar 28, 2023 10:39:31 AM By Stu Sjouwerman
This is a disgusting topic. It's also a very high social engineering risk. I will keep this post safe-for-work, which is not easy. NBC news just reported on the deepfake economy surging ...
Continue Reading

New Modular Attack Chain Found That Allows Attackers to Change Payloads Mid-Breach

Dec 8, 2022 4:33:45 PM By Stu Sjouwerman
We’ve long known developers of cyberattacks to be crafty and focus a lot of energy on obfuscation, but a new attack can shift gears midstream, delivering just the right malware.
Continue Reading

[Eye Opener] Work In IT? You Get Attacked Much More Than Other Employees

Oct 24, 2022 3:17:13 PM By Stu Sjouwerman
We received an interesting email from Elevate Security you need to be aware of. Their recent research showed: "Social engineering attacks are growing more sophisticated every day, ...
Continue Reading

Recent Optus Data Breach Teaches the Importance of Recognizing Social Engineering

Sep 26, 2022 10:00:46 AM By Stu Sjouwerman
Optus, one of Australia's largest telecommunications companies, recently suffered a data breach that affected over 9.8 million customers.
Continue Reading

Phishing-Based Data Breaches Take 295 Days to Contain and Breach Costs Soar to $4.91 Million

Jul 28, 2022 12:33:36 PM By Stu Sjouwerman
Fresh data on data breach costs from IBM show phishing, business email compromise, and stolen credentials take the longest to identify and contain.
Continue Reading

All it Takes is “Free” Beer to Steal Your Personal Data

Jul 11, 2022 12:39:21 PM By Stu Sjouwerman
A recent phishing scam impersonating the Heineken beer brand demonstrates how very little effort is needed by scammers to convince victims to give up all kinds of personal information.
Continue Reading

Nearly all Data Breaches in Q1 2022 Were the Result of a Cyber Attack

Apr 26, 2022 9:53:38 AM By Stu Sjouwerman
New data from the Identity Theft Resource Center shows rises in the number of data compromises following 2021’s record-setting year, all stemming from cyber attacks.
Continue Reading

Data Breach Volumes in the U.S. Grow by 10% in 2021

Mar 2, 2022 1:32:16 PM By Stu Sjouwerman
New data shows despite decreases in global data breach levels (-5%) in 2021, the U.S. experienced proportionally more data breaches than in the previous year.
Continue Reading

Irish Teaching Council Fined €60,000 for Phishing-Induced Breach

Jan 25, 2022 10:30:43 AM By Stu Sjouwerman
Ireland’s Teaching Council has been fined €60,000 by the country’s Data Protection Commission (DPC) over a breach of nearly ten thousand teachers’ data, the Irish Examiner reports. An ...
Continue Reading

2022 Continues The New Decade of Privacy

Jan 25, 2022 8:29:41 AM By Lecio DePaula
Privacy issues came about all across the board in 2020, 2021, and 2022 will be no different. From WhatsApp updating their terms of service and losing millions of users to countless ...
Continue Reading

New “Karakurt” Threat Group is Gaining Attention Through Multiple and Frequent Extortion Attacks

Dec 30, 2021 3:58:33 PM By Stu Sjouwerman
A new warning from Accenture Security highlights this new cybercriminal group making waves that focuses on a "data breach and extortion” MO rather than relying on ransomware.
Continue Reading

Victims: After a Data Breach, Changing Passwords and Good Password Hygiene Remain Unimportant

Dec 7, 2021 10:53:12 AM By Stu Sjouwerman
New shocking data shows how unconcerned victim users are after being notified of a data breach involving their credentials, personal information, and even social media accounts.
Continue Reading

Data Breach Costs Increase by $1 Million When Remote Workers Are Involved

Nov 30, 2021 10:54:57 AM By Stu Sjouwerman
You already knew remote workers increase the risk of cyberattack. New data spells out exactly what the impact of a remote workforce is on data breaches and the cost to remediate.
Continue Reading

[HEADS UP] Popular Stock Trading Platform Becomes Next Victim of Data Breach

Nov 9, 2021 8:57:32 AM By Stu Sjouwerman
Bleeping Computer recently reported a data breach from popular stock trading platform Robinhood. This breach has impacted over 7 million of their customers.
Continue Reading

Cybercriminal Group SnapMC Takes a Page from Ransomware Gangs in Data Breach-Turned-Extortion Attacks

Oct 20, 2021 10:15:40 AM By Stu Sjouwerman
New analysis of attacks shows threat actors that traditionally focus on stealing data are now utilizing extortion as their monetization strategy, converging tactics with ransomware ...
Continue Reading

Telecom Company Responsible for Routing Billions of Text Messages Annually Acknowledges Multi-Year Breach

Oct 5, 2021 5:21:24 PM By Stu Sjouwerman
Mentioned in passing as part of a Securities and Exchange Commission (SEC) filing, Syniverse admits to hackers having access for five years, potentially impacting millions of mobile phone ...
Continue Reading

Egress: 73% of Orgs Were Victims of Phishing Attacks in the Last Year

Aug 4, 2021 9:23:12 AM By Stu Sjouwerman
A survey sponsored by Egress found that 94% of organizations suffered insider data breaches over the past year. The survey offers the following results:
Continue Reading
Subscribe

Search Our Blog


Free Phishing Security Resource Kit

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews