Security Awareness Training Blog

Data Breach Blog

Technical reporting and analysis on high-profile data breaches, how they happened, and how hackers are using the information mined from breaches.

Report: Data Breach in Biometric Security Platform Affecting Millions of Users

Led by internet privacy researchers Noam Rotem and Ran Locar, vpnMentor’s team recently discovered a huge data breach in biometrics security platform BioStar 2. Once stolen, fingerprint ...
Continue Reading

3 Important Facts to Take Away From the New Data Security Law

By Lecio De Paula, Jr., Director of Data Privacy, KnowBe4. New Hampshire joins Ohio, South Carolina, and Michigan in enacting a new data security law directed at insurers modeled after ...
Continue Reading

Bad Guys Exploit CapitalOne Breach to Push Backdoor Trojan

The bad guys are now exploiting news of the CapitalOne breach to push a malicious backdoor trojan via a phishing email purporting to offer a Windows Security Update. See the attached ...
Continue Reading

5 Things You Need to Know About Facebook’s $5 Billion Fine

By Lecio De Paula, KnowBe4's Director of Data Privacy. On July 24, 2019, it was announced that Facebook, Inc. will pay a 5 billion dollar penalty to the U.S. Federal Trade Commission ...
Continue Reading

You Don't Want *THAT* In Your Wallet

Capital One has announced a data breach that has exposed the personal information of 106 million people that includes transaction data, credit scores, payment history, balances, and for ...
Continue Reading

Is Equifax Paying Up To 700 Million... Or Is It 1.4 Billion?

In a settlement with the FTC, consumers affected by the breach are eligible for up to $20,000 in a cash settlement, depending on damages they can prove. But different news sources claim ...
Continue Reading

Attacker’s Use of OneDrive as a Malicious File Host Jumps Over 3200% in Q1

The need for reputable hosting services to make phishing scams involving malicious files look legitimate has caused a rise in popularity for Microsoft’s cloud-based file sharing service.
Continue Reading

Evite Invites Over 100 Million People to Their Data Breach

Larry at Bleepingcomputer wrote: "The data breach monitoring service Haveibeenpwned.com has added a database dump of almost 101 million Evite users who had their information exposed when ...
Continue Reading

The Stock Market Doesn’t React Well to Data Breaches

The latest data from UK-based research firm, Comparitech, shows that organizations who suffer a data breach continue to suffer in the stock market well after.
Continue Reading

Massive Cyberheist Bankrupts Medical Debt Collector

AMCA, a medical billing collections agency that was hacked last year in an incident believed to impact millions of medical patients is now seeking a federal bankruptcy court’s protection ...
Continue Reading

[Heads-Up] How Hackers Use Ransomware To Hide Data Breaches And Other Devastating Attacks

Different sources claim that ransomware attacks are either going up or going down. The very real threat remains though and it is clear that the bad guys are moving from consumers as their ...
Continue Reading

“Monster” Data Breaches Result in an Average Cost of $347 Million

Data breaches in the hundreds of millions of records have made the news over the last two years. The latest report from Bitglass covers the results and repercussions of the breaches.
Continue Reading

Over 10 Million People Hit In Single Australian Data Breach

The Office of the Australian Information Commissioner's (OAIC) quarterly data breach report also revealed private health was again the country's most affected sector.
Continue Reading

Nearly Half of US Orgs Not Ready for California Consumer Privacy Act Deadline

InfoSec Mag observed something a bit worrisome. "In advance of the California Consumer Privacy Act (CCPA) going into effect January 1, 2020, researchers analyzed how prepared US ...
Continue Reading

U.K. Court Finds Employee Actions Constitute “Vicarious Liability”, despite meeting GDPR Requirements

The latest developments in the lawsuit against UK supermarket chain Morrisons may dictate the future of employers being held responsible for employee actions.
Continue Reading

61% Of IT Pros Have Experienced A Serious Data Breach And Many Are Blamed For It.

TechRepublic just reported that cybercriminals continue to target intellectual property, putting companies at risk for financial and brand reputation hits, quoting a new McAfee report.
Continue Reading

[InfoGraphic] 56 Must Know Data Breach Statistics for 2019

Varonis spent a lot of time compiling a whole bunch of data breach stats that are very good ammo for budget requests. They also created an infographic with a quick executive summary. Did ...
Continue Reading

809 Million Records Exposed By Email Marketing Giant. No Bueno.

I'm suffering from Data Breach Fatigue, how about you?
Continue Reading

It Only Takes Minutes: Russians Go from Foothold to Privileged Access in Record Time

We think of data breaches as taking days or weeks. But with elevated access to move laterally around the network, a cybercriminal can accomplish much in just a matter of minutes.
Continue Reading

Healthcare Data Breaches Involve Triple the Records in 2018

As the healthcare industry continues to be a target in cyberattacks focused on data breaches of patient health records, the latest data shows that cybercriminals are taking more than ever.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews