LATEST POST
Connecticut Senate Bill Raises the Stakes on Data Breach Response for “Massive” Breaches
If a bill introduced in the Connecticut Senate ever becomes law, there will be new requirements for entities whose breaches affect more than 100,000 Connecticut residents. As attorneys from Ballard & Spahr explain: Read more at JD Supra. The second provision above is certain to raise a lot of concerns and opposition. The language of […]
Coupang’s Q4 operating profit plunges 97% from data breach
Breaches have consequences. Some more than others. Yonhap News Agency reports the Coupang data breach has taken a significant toll on the firm’s fourth quarter profits: U.S.-listed e-commerce giant Coupang Inc. said Friday its operating profit plunged 97 percent in the fourth quarter from a year earlier due to the impact of a large-scale data […]
Hackers attack Mexico govt using Claude AI, steal 150GB data
India Today reports: A serious cybersecurity incident involving AI has put Mexico’s government networks under the spotlight, after hackers allegedly used an AI chatbot to pull off a large-scale data theft. According to a Bloomberg investigation, the attacker relied on Anthropic’s Claude AI to break into official systems, stealing close to 150GB of sensitive data […]
MediMap seeks urgent court orders after cyber patient data incident
Insurance Business Magazine reports: Digital medicines platform MediMap is seeking urgent court orders in New Zealand after an individual claiming to be behind a cyber incident circulated what appears to be patient information to news organisations – an incident that is drawing attention to cyber risk, privacy exposure, and the role of cyber insurance across […]
Attackers Now Need Just 29 Minutes to Own a Network
Dark Reading reports: In 2025, cybercriminals needed less time to move from break-in to lateral movement across a network than it takes to watch a typical sitcom. An analysis by CrowdStrike of threat activity last year found attackers took just 29 minutes on average to pivot to other systems after gaining an initial foothold in […]
ShinyHunters claims responsibility for Odido telecom breach affecting millions
Bleeping Computer reports: The ShinyHunters extortion gang has claimed responsibility for breaching Dutch telecommunications provider Odido and stealing millions of user records from its compromised systems. Odido is one of the largest telecommunications companies in the Netherlands and offers mobile, broadband, and television services to millions of customers nationwide. The company disclosed the breach on February 12, […]
Norton Healthcare to Pay $11M to Settle BlackCat Lawsuit
Bank InfoSecurity has an update on the Norton Healthcare breach in 2023: Norton Healthcare, which operates nine hospitals and 480 other care facilities in Kentucky and Indiana, has agreed to pay $11 million to settle class action litigation triggered by a 2023 data theft attack by ransomware-as-a-service gang Alphv/BlackCat that affected nearly 2.5 million people. […]
PayPal discloses data breach that exposed user info for 6 months
Bleeping Computer reports: PayPal is notifying customers of a data breach after a software error in a loan application exposed their sensitive personal information, including Social Security numbers, for nearly 6 months last year. The incident affected the PayPal Working Capital (PPWC) loan app, which provides small businesses with quick access to financing. PayPal discovered the breach […]