LATEST POST
FTC Finalizes Order with Blackbaud Related to Allegations the Firm’s Security Failures Led to Data Breach
From the Federal Trade Commission: The Federal Trade Commission has finalized an order against Blackbaud Inc. settling allegations that its lax security practices allowed a hacker to breach the company’s network and access the personal data of millions of consumers including Social Security and bank account numbers. In a complaint first announced in February 2024, the FTC […]
ARPA-H announces program to enhance and automate cybersecurity for health care facilities
The government is investing in helping to secure hospitals from ransomware attacks: Safeguarding protected health information is a top priority for the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR). OCR is sharing the following announcement of Advanced Research Projects Agency for Health (ARPA-H) on the launch of Universal PatchinG and Remediation […]
SEC Adopts Rule Amendments to Regulation S-P to Enhance Protection of Customer Information
The following is a press release from the Securities and Exchange Commission: Washington D.C., May 16, 2024 — The Securities and Exchange Commission today announced the adoption of amendments to Regulation S-P to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal information by certain financial institutions. The amendments update the […]
Hacking forum taken down by law enforcement — again.
BreachForums, a popular hacking forum where users can sell, leak, or share stolen data or information, was seized this week by the FBI, DOJ, and international partners. Because none of the governments have issued any press releases or statements yet, there is much that has yet to be confirmed or disconfirmed, but on Wednesday, a […]
Santander Falls Victim to Data Breach Involving Third-Party Provider
DarkReading reports that Spanish banking giant Santander has disclosed a recent data breach at a third-party provider. Bank customers in Chile, Spain, and Uruguay have reportedly been affected. “No transactional data, nor any credentials that would allow transactions to take place on accounts are contained in the database, including online banking details and passwords,” according to […]
Data breach at J.P. Morgan Chase exposes records of 451,000 retirement savers
Not every big breach these days is a cyberattack. Sometimes it is just human error. Pensions & Investments recently reported that more than 451,000 people were affected by an incident that occurred at J.P. Morgan Chase Bank. The breach was disclosed to the Maine Attorney General’s office on April 29. The bank, which is a […]
Europol confirms web portal breach, says no operational data stolen
Europol appears to have confirmed a breach first claimed by the threat actor known as IntelBroker, a moderator on BreachForums. IntelBroker’s listing, which was subsequently marked as “SOLD,” claimed to have breached Europol in May of this year, resulting in the exposure of “For Official Use Only” (FOUO) and classified data. The compromised data allegedly […]
10 Cyber Incident Response Tips From Those Who’ve Had a Breach and Lived to Tell About It
Information Week recently reported on an interesting panel at the RSA conference in San Francisco: Patricia Titus, chief information security officer (CISO) of Booking Holdings Inc., moderated the panel “Life After the Breach: A Survivor’s Guide.” The panelists included Tim Crothers, CISO of Mandiant; Russ Ayres, SVP and deputy CISO of credit bureau Equifax; and […]