Security Awareness Training Blog

Data Breach Blog

Technical reporting and analysis on high-profile data breaches, how they happened, and how hackers are using the information mined from breaches.

View Topics

Breach You Once? Shame on You. Breach You Twice? Still.. Shame on You.

Jul 31, 2018 12:20:27 PM By Stu Sjouwerman
Heed the warning found in the story of a Virginia bank that was not breached once, but twice in an 8-month period of time!
Continue Reading

Consumer Privacy: California Follows in the Footsteps of GDPR

Jul 7, 2018 7:01:44 AM By Stu Sjouwerman
The California Consumer Privacy Act of 2018 (AB 375) takes effect on January 1, 2020 and will be the most exacting data privacy policy in the United States. Similar to the European ...
Continue Reading

Equifax: "Oh, minor detail, we also lost 17.6 Million driver's licenses in that data breach"...

May 11, 2018 12:38:18 PM By Stu Sjouwerman
On May 7, executives of Equifax submitted a "statement for the record" to the Securities and Exchange Commission detailing the extent of the consumer data breach the company first ...
Continue Reading

Yahoo Pays $35 Million Penalty For The Hot Mess Of Their Massive Data Breach

Apr 25, 2018 7:09:20 AM By Stu Sjouwerman
This is the first time that a public company gets fined by regulators for failure to properly investigate their 2014 data breach, and disclose it to shareholders. Technically this is not ...
Continue Reading

Cancer Center Discloses $2.3 Million Data Breach Settlement In Their Bankruptcy Filing

Dec 19, 2017 1:19:17 PM By Stu Sjouwerman
As reported in BNA Privacy Law Watch, on December 6, 2017, health care provider 21st Century Oncology agreed to pay $2.3 million to settle charges by the Department of Health and Human ...
Continue Reading

Uber Total Loss: 57 Million Records Stolen But Data Breach Was Hidden For A Year

Nov 22, 2017 7:37:46 AM By Stu Sjouwerman
Oh boy. Uber is known for pushing the limits of the law and has dozens of lawsuits pending against it, but this one went too far and now comes the reckoning. Bloomberg was first to report ...
Continue Reading

Whole Foods Point Of Sale Data Breach. Did Amazon Buy An Organic Lemon?

Sep 29, 2017 9:39:02 AM By Stu Sjouwerman
Uh Oh. They just announced. Generally it's the tip of the iceberg, and then over time more details are released that show it was muuuch worse than initially expected. Looks like Amazon ...
Continue Reading

Large Insurance Company Settles for $5.5 Million over "Failed To Patch" Data Breach

Aug 16, 2017 10:06:24 AM By Stu Sjouwerman
A large insurance company (Nationwide) agreed to pay a total of $5.5 Million to settle charges brought by 32 states resulting from the loss of critical consumer information attributable ...
Continue Reading

Data Breaches Are Up 29 Percent Over Last Year

Jul 22, 2017 11:52:38 AM By Stu Sjouwerman
  Data breaches are running 29 percent above last year, according to a report released by the Identity Theft Resource Center and CyberScout. Hacking was the leading cause of data breaches ...
Continue Reading

Cleveland Medical Associates Ransomware Infection Caused 22K-Record Databreach - How To Prevent This

Jul 8, 2017 5:25:58 PM By Stu Sjouwerman
Cleveland Medical Associates is offering about 22,000 patients identity protection services after a ransomware attack against the practice. The practice is offering a year of protective ...
Continue Reading

Urgent Phishing Alert: Warn Your Users Against AdultFriendFinder Scams Now

Nov 14, 2016 7:52:02 AM By Stu Sjouwerman
Your end-users may have seen this in the news yesterday, or will read about it today. A massive data breach of the adult dating and entertainment company Friend Finder Network has exposed ...
Continue Reading

Scam Of The Week: FBI Warns Against Data Breach Extortion

Jul 11, 2016 7:58:40 AM By Stu Sjouwerman
The number of data breaches keeps going up. Last week it was more than 1,000 Wendy's where credit card records got ripped off. Fraudsters quickly use the news release of a high-profile ...
Continue Reading

Scam Of The Week: LinkedIn Email Change Your Password

May 21, 2016 10:33:05 AM By Stu Sjouwerman
You probably remember the 2012 LinkedIn data breach. It was a big deal because something like 6.5 million user account passwords were posted online, but LinkedIn never confirmed the final ...
Continue Reading

What Is The #1 Cause Of Healthcare Data Breaches?

May 14, 2016 10:00:51 AM By Stu Sjouwerman
As a new story about hospital ransomware or a stolen laptop containing PHI seemingly emerges every day, it comes as no surprise that healthcare data breaches have steadily increased in ...
Continue Reading

Ransomware Attack Shuts Down Medstar Washington Hospital

Mar 28, 2016 8:29:51 PM By Stu Sjouwerman
The Washington Post reported that a ransomware infection penetrated the computer network of MedStar Health early Monday morning, forcing the Washington health care behemoth to shut down ...
Continue Reading

What is the REAL cost of a data breach?

Sep 20, 2015 11:31:00 AM By Stu Sjouwerman
A new survey done by Kaspersky with participation of 5,500 companies in 26 countries finally shows the real cost of a data breach broken out by Small and Medium Business (SMB) and ...
Continue Reading

Half Of Your Users Are Now Spear Phishing Targets

Sep 16, 2015 5:45:26 PM By Stu Sjouwerman
In a presentation at the Intelligence & National Security Summit, Bill Evanina, Director of the National Counterintelligence and Security Center (NCSC) announced "There have been just ...
Continue Reading

Stop The AshMad Insanity!

Aug 22, 2015 10:24:00 AM By Stu Sjouwerman
First a 10Gig dump with the full Ashley Madison database. Then a 20Gig dump with their whole Github repository, and then to top it all off a 300G(!) dump. In an interview with Motherboard ...
Continue Reading

Phishing Alert: Warn Your Users Against Ashley Madison Scams Now

Aug 20, 2015 10:30:00 AM By Stu Sjouwerman
Your end-users saw this in the news yesterday, or will read about it today. The hackers who stole more than 36 million records from the Ashley Madison site (which makes it easy to cheat ...
Continue Reading

SHOCKER: Data Breaches Cost Big Companies Very Little

Apr 6, 2015 5:16:21 PM By Stu Sjouwerman
Two articles today in Fortune Magazine and Harvard Business Review each lifted a piece of the veil about a dirty little secret about data breaches. From Home Depot to Target to Sony, big ...
Continue Reading
Subscribe

Search Our Blog


Ransomware Hostage Rescue Manual

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews