Risky Biz News reports: The FTC has fined security camera firm Verkada $2.95 million for failing to implement cybersecurity measures to protect its systems. The fine is related to a March 2021 security breach when a hacker accessed customer data and video footage from over 150,000 Verkada cameras. The hacker used the cameras to access and leak footage from psychiatric hospitals, […]
After the disastrous CrowdStrike update glitch in July, Microsoft continues to explore ways to prevent another such fiasco. Aidan Marcuss, Corporate Vice President of Microsoft Windows and Devices, announces a summit to address the issues raised and possible solutions: On Sept. 10, 2024, Microsoft will host a Windows Endpoint Security Ecosystem Summit at our Redmond, Washington, headquarters. […]
If you don’t audit your vendors, will you know if they are really adhering to the security provisions of your contract with them? Maybe you’ll get lucky, and disgruntled employees will blow the whistle. The Register reports: The US is suing one of its leading research universities over a litany of alleged failures to meet […]
The 2022 ransomware attack on Advanced, a National Health Service (NHS) vendor, was devastating to patient care. Now the U.K.’s Information Commissioner’s Office has indicated it plans to impose a substantial fine on the vendor. TechCrunch reports: U.K. data protection authorities have issued a provisional fine of more than £6 million to NHS vendor Advanced […]
There seems to be no dispute that CrowdStrike’s botched update created havoc and damage, but CrowdStrike denies claims made by Delta Airlines that CrowdStrike was responsible and liable for their multi-day outage. The Register explains: CrowdStrike says it is “highly disappointed” and rejects the claims made by Delta and its lawyers that the vendor exhibited […]
As if the CrowdStrike debacle with a faulty update wasn’t enough vendor drama in July, then Microsoft managed to make a cyberattack’s impact even worse. AP reports: A global Microsoft Azure outage that impacted a range of services for consumers Tuesday — from reports of stalling Outlook emails to trouble ordering on Starbucks’ mobile app — was […]
GovInfoSecurity reports that software vendor MCG Health has agreed to pay $8.8 million to settle a consolidated proposed federal class action lawsuit involving a 2020 hacking incident. The Seattle-based firm provides patient care guidelines to providers and health care plans. In a June 2022 announcement, they claimed that on March 25, 2022, they determined that an […]
It wasn’t a cyberattack, but it was an incident that took down businesses globally. Last week, people all over the world turned on their work PCs only to see something they probably hadn’t seen in a while: the notorious Windows Blue Screen of Death error message. Flights had to be canceled, and at least one […]
Another vendor hack compromises sensitive information An attack on a documents storage service has resulted in the leak of sensitive information of victims of family violence and sexual assault who had been treated at Monash Health, the public health service in Victoria. The attack also compromised the personal information of current and former students at […]
Grassley Asks More Questions About Recent AT&T Attack and Potential National Security Concerns
In April 2024, AT&T learned that its customer data had been exfiltrated from its Snowflake workspace. The breach affected 90 million or more customers’ call and text histories recorded during a six-month period in 2022. The following is a press release from Senator Chuck Grassley: