LATEST POST
CISA warns of ‘significant’ threat to federal networks after nation-state hackers stole F5 source code, undisclosed bug info
The Record reports: The federal government has issued an emergency directive ordering all civilian agencies to update products from F5 after the security company said a nation-state actor had long-term persistent access to source code and information about undisclosed vulnerabilities during a breach discovered in August. The Cybersecurity and Infrastructure Security Agency (CISA) said it “has identified […]
Capita given record £14 million fine over ransomware attack security failings
The Record reports: Capita, the United Kingdom’s largest outsourcing company, was on Wednesday fined £14 million ($18.7 million) over security failings that saw attackers compromise the personal information of 6.6 million people in a ransomware attack in 2023. The voluntary settlement is for less than a third of the £45 million ($60 million) Britain’s data […]
F5 Networks reports nation-state cyberattack on product systems
This is not an incident involving personally identifiable information or protected health information. It involves source code and information about product vulnerabilities. Street Insider reports: F5 Networks (NASDAQ: FFIV) disclosed that a nation-state threat actor gained unauthorized access to certain company systems on August 9, 2025, according to a company statement. The network security company said […]
A ‘Fast, Fair and Friendly’ Fail: Farmers Irks Customers With Its Handling of a Data Breach
Farmers Insurance is facing negative attention and lawsuits because of a three-month delay in notifying 1.1 million policyholders about a data breach. H. Dennis Beaver, Esq writes: To paraphrase the notice (you can read it in full here): On May 30, 2025, one of our vendors informed us about suspicious activity of an unauthorized actor who […]
$19M in Settlements Underscore Cybersecurity Risks for TPAs and Insurers
From Polsinelli PC: In two separate but related actions, third party administrators (TPAs) and their insurance business partners agreed to substantial settlements to resolve allegations that they failed to adequately safeguard sensitive data from cyberattacks. Though neither case involved a finding of fault, both spotlight a growing trend: plaintiffs and regulators are treating basic cybersecurity […]
Attorney General James Secures $14.2 Million from Car Insurance Companies Over Data Breaches
From the New York Attorney General’s Office:
PNC Bank faces class action lawsuit over data breach exposing 740,000 records
Top Class Actions reports: A new class action lawsuit alleges The PNC Financial Services Group failed to properly secure and safeguard personally identifiable information of its customers during a data breach earlier this year. Plaintiff Madonna Blunt claims PNC disclosed earlier this month that sensitive customer information was mistakenly provided to another client without authorization […]
British govt agents demand action after UK mega-cyberattacks surge 50%
The Register reports: Cyberattacks that meet upper severity thresholds set by the UK government’s cyber agents have risen 50 percent in the last year, despite almost zero change in the volume of cases handled. GCHQ’s cyber arm, the National Cyber Security Centre’s (NCSC), said in its annual review published today that its incident management team handled 429 […]