LATEST POST
Attackers swipe data of 500k+ people from Pennsylvania teachers union
The Register reports: The Pennsylvania State Education Association (PSEA) says a July 2024 “security incident” exposed sensitive personal data on more than half a million individuals, including financial and health info. The nonprofit, which represents more than 178,000 education professionals in the US state of Pennsylvania, confirmed data was stolen during a July 6 attack. […]
Australia Sues FIIG Investment Firm in Cyber ‘Wake-Up Call’
Data Breach Today reports that Australia’s financial regulator has filed a lawsuit against FIIG Securities over cybersecurity failures that enabled a threat actor to steal confidential personal information of 18,000 customers: The Australian Securities and Investments Commission said it decided to sue Brisbane-headquartered FIIG Securities in Federal Court after observing the company’s “systemic and prolonged cybersecurity failures” […]
Over 50 U.S. school districts impacted in retirement service provider breach
In December 2024, EdTech vendor PowerSchool was hit with a major attack that reportedly affected more than 60 million students and employees throughout the country. But that wasn’t the only major attack affecting an education sector vendor in December. Teiss reports that a retirement services vendor was also the victim of an attack: About 50 […]
Warning! FBI Alerts Gmail, Outlook Users of Sneaky New Hacker Trick
Analytics Insight explains the risk to consumers and what individuals and companies can do to protect themselves: The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have warned Gmail and Microsoft Outlook users of an emerging ransomware threat called Medusa. The ransomware-as-a-service has been in operation since 2021 and has recently affected hundreds […]
2025 State Privacy Laws Taking Effect: Key Compliance Considerations for Employers and Businesses
Fisher & Phillips LLP writes: With eight states rolling out new privacy laws in 2025 and many more already on the books, businesses have never faced a more fragmented regulatory landscape. These laws will expand consumer rights, impose stricter data governance obligations, and create a complex compliance environment for businesses operating across state lines. While […]
GitHub Action Compromise Risks Data Leaks for 23,000 Repositories
DevOps reports: A popular GitHub Action used in more than 23,000 code repositories has been compromised in a supply chain attack by attackers who introduced a malicious commit aimed at leaking secrets like passwords held in public repositories. In the compromise, which is being tracked as CVE-2025-30066, bad actors modified the code in GitHub Actions tj-actions/changed-files […]
Over a thousand of Colorado Veterans’ Personal Information Leaked in Email Mistake
KOAA in Colorado reports: The personal information of over 1,000 veterans in Colorado may be at risk after a data leak. The Veterans Affairs Eastern Colorado Health Care System accidentally sent an email containing personal details about veterans to 75 recipients. The email, which was sent in January, included a spreadsheet with veterans’ full names, the last […]
Courts Are Still Willing To Dismiss Data Breach Lawsuits for Lack of Standing
From the law firm of BakerHostetler: In data breach litigation, courts generally find plaintiffs have standing such that their complaints may proceed past the pleading stage when it is alleged that sensitive information was impacted and there is an allegation of dark web exposure, misuse or fraud. However, a few courts have recently dismissed proposed […]