In January, Conduent reported that it had experienced an operational disruption due to a third-party compromise of one of its operating systems. They no longer refer to the incident as an “outage” and now refer to it as a “cyberattack,” but they still fail to clearly disclose whether this was a ransomware attack or not. Cybersecurity […]
The Daily Hodl reports: A car rental giant says sensitive customer data has been exposed in a cybersecurity incident involving one of its vendors. In a notice posted on its website, Hertz says that its vendor, Cleo Communications US, witnessed a zero-day vulnerability exploit late last year that enabled thieves to siphon customer data. Notifications on various […]
South Korea’s data protection regulator issued the following press release concerning recent enforcement actions (unofficial translation follows): – The PIPC calls for putting access control and other privacy-safeguarding measures in place in preparation for credential stuffing and other intrusion attempts The Personal Information Protection Commission (PIPC) held its eighth plenary meeting of 2025 and reached […]
CryptoNews reports: In a surprising turn of events, the hacker behind the $7.5 million exploit of decentralized exchange KiloEx has returned the entire sum just four days after the initial attack. On April 14, KiloEx suspended its perpetual futures trading platform following a severe security breach that resulted in attackers draining $7.5 million worth of cryptocurrency assets […]
The HIPAA Journal reports: UnitedHealth Group has adopted an aggressive approach to recover outstanding balances on loans issued to healthcare providers affected by the February 2024 ransomware attack on Change Healthcare. The attack caused a prolonged outage of Change Healthcare’s systems, causing massive disruption to revenue cycles as providers were unable to submit claims. Many […]
Mint reports: The website of Nippon Life India Asset Management Ltd, India’s largest mutual fund by number of investors, has been down since a cyberattack hit the company’s IT infrastructure on 9 April. When Mint visited the website on 17 April, the home page was accessible but the login page was not. The company wrote in an exchange filing […]
Fast Company reports: Several of the largest U.S. banks are reportedly pausing or reassessing how they send sensitive information to the Office of the Comptroller of the Currency (OCC) following a major cyberattack on the regulator. JPMorgan Chase and Bank of New York Mellon have halted electronic information-sharing with the OCC, Bloomberg reported. Bank of America […]
TechStory reports: The notorious internet forum 4chan—long known as a breeding ground for viral memes, fringe political communities, and online chaos—has gone dark after what appears to be a massive and deeply compromising hack. As of early Tuesday, users across the world were reporting serious outages, struggling to load the site, let alone access any […]
NPR reports: In the first days of March, a team of advisers from President Trump’s new Department of Government Efficiency initiative arrived at the Southeast Washington, D.C., headquarters of the National Labor Relations Board. … according to an official whistleblower disclosure shared with Congress and other federal overseers that was obtained by NPR, subsequent interviews […]
BakerHostetler launches 2025 Data Security Incident Response Report
BakerHostetler has released its 2025 Data Security Incident Response Report, which provides insight and analysis from more than 1,250 data security incidents managed by the firm this past year. Their report features a deep dive into critical components of security incidents (e.g., response timeline, average ransom payment amount, frequency of litigation) as well as an examination of […]