LATEST POST
The CJEU Ruled that Supervisory Authorities Can Order the Deletion of Unlawfully Processed Personal Data
On March 14, 2024, the Court of Justice of the EU (“CJEU”) ruled that EU supervisory authorities have the (corrective) power to order data controllers who have been found to process personal data unlawfully to erase such personal data, even if the data subjects have not requested the erasure. (Case C‑46/23) The CJEU ruled that […]
More than 70 million records purportedly from AT&T customers leaked online
VX-Underground noticed data purportedly from AT&T being offered on a popular hacking forum: Today 70,000,000+ records from an unspecified division of AT&T were leaked onto Breached. No information is available to indicate whether it is a 3rd party compromise, or which ‘division’ this data is from. Regardless, upon review we can confirm the stolen data […]
Sovos Compliance data breach $3.53M class action settlement
The MOVEit data breach, which affected more than 2,760 organizations and 95 million people, resulted in multidistrict litigation against Progress Software and numerous lawsuits against the organizations using the file-transfer software. One of the organizations sued was Sovos Compliance in Massachusetts. Top Class Actions reports that the firm has agreed to pay more than $3.53 […]
HHS Office for Civil Rights Issues Letter and Opens Investigation of Change Healthcare Cyberattack
Today, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) issued a “Dear Colleague” letter addressing the cybersecurity incident impacting Change Healthcare, a unit of UnitedHealthcare Group (UHG), and many other health care entities. The cyberattack is disrupting health care and billing information operations nationwide and poses a direct threat to […]
Okta claims that data leaked on hacking forum is not from its systems
Bleeping Computer reports that Okta is firmly denying that data supposedly being leaked on a hacking forum from its system is from a hack of its system in October 2023. On Saturday, a cybercriminal using the alias ‘Ddarknotevil’ claimed to be releasing an Okta Database containing information of 3,800 customers that was stolen during last year’s […]
CISA forced to take two systems offline last month after vendor compromise
Microsoft was one of two heavy hitters that reported being compromised recently. The Cybersecurity and Infrastructure Security Agency (CISA) also disclosed that it was recently compromised and had to take two systems offline due to vulnerabilities in IIvanti products. A CISA spokesperson confirmed to Recorded Future News that CISA “identified activity indicating the exploitation of […]
Microsoft admits Russian state hack still not contained. ‘This has tremendous national security implications’
Even companies that invest a lot in security can get hit — and hit hard. In this week’s news, perhaps the biggest story involves Microsoft and Russia. The Associated Press reports: Microsoft said Friday it’s still trying to evict the elite Russian government hackers who broke into the email accounts of senior company executives in November […]
The 2024 Breach Barometer reports 171 million health data records breached in the U.S. in 2023.
And that’s just the ones they could find numbers for! Request your free copy of the full report at Protenus.com.