LATEST POST
Law firm that handles data breaches was hit by data breach
TechCrunch reports: An international law firm that works with companies affected by security incidents has experienced its own cyberattack that exposed the sensitive health information of hundreds of thousands of data breach victims. San Francisco-based Orrick, Herrington & Sutcliffe said last week that hackers stole the personal information and sensitive health data of more than 637,000 […]
Hackers can now take control of your Google Account without needing a password. Here’s how it works
Livemint reports: Cybercriminals have found a way to gain access to people’s Google accounts without needing their password, and the new exploit gives hackers continued access to Google services even after a user’s password has been reset. The new vulnerability was analysed by security firm CloudSEK and reported by The Independent. Furthermore, the issue first […]
Attorney General James Reaches Agreement with Hudson Valley Health Care Provider to Invest $1.2 Million to Protect Patient Data After 2021 Data Breach
From the NYS Attorney General’s Office:
Mandiant Experiences Irony of Cybersecurity Breach
BNN reports: In an ironic turn of events, Mandiant, a cybersecurity firm owned by Google, fell prey to a security breach on its X social media account on January 3. The attacker, shrouded in anonymity, manipulated the account to unleash a malevolent cryptocurrency-stealing link. […] This incident strikes a raw nerve, particularly given that Mandiant, a […]
‘If you told me to list 10 things that would go wrong, this would not be on the list’: Tiny water authority in Pennsylvania hit by Iranian cyberattack
Fortune reports: The tiny Aliquippa water authority in western Pennsylvania was perhaps the least-suspecting victim of an international cyberattack. It had never had outside help in protecting its systems from a cyberattack, either at its existing plant that dates to the 1930s or the new $18.5 million one it is building. Then it — along with […]
After ransomware claims, Xerox says subsidiary hit with cyberattack
The Record reports: Xerox said a subsidiary is dealing with a cyberattack that may have involved the theft of personal information. Last week a ransomware gang named INC claimed it attacked the company — which earned over $7 billion in 2022 from selling printers in more than 160 countries. When asked about the claims, a spokesperson for Xerox directed […]
The State of Ransomware in the U.S.: Report and Statistics 2023
Emsisoft reports: In 2023, the U.S. was once again battered by a barrage of financially-motivated ransomware attacks that denied Americans access to critical services, compromised their personal information, and probably killed some of them. In total, 2,207 U.S. hospitals, schools and governments were directly impacted by ransomware over the course of the year, with many […]
BakerHostetler: 2023 Data Security Incident Response Report
BakerHostetler law firm is well-known for data breach incident response. They write, “Three years ago we set a new industry standard by creating our Digital Assets and Data Management (DADM) practice group, which now has more than 100 attorneys and technologists. Every year we organize and publish our collective insights in this report. It is […]