Blog, Cybersecurity, Data breaches and Security

List of Data Breaches and Cyber Attacks in August 2023 – 79,729,271 Records Breached

IT Governance

SEPTEMBER 6, 2023

IT Governance found 73 publicly disclosed security incidents in August 2023, accounting for 79,729,271 breached records. You can find the full list below, divided into four categories: cyber attacks, ransomware, data breaches, and malicious insiders and miscellaneous incidents.

Data breaches

Data breaches Ransomware Insurance Privacy

List of Data Breaches and Cyber Attacks in September 2022 – 35.6 Million Records Breached

IT Governance

OCTOBER 3, 2022

Welcome to our September 2022 list of data breaches and cyber attacks. Compared to August, it was a comparatively quiet month, as we identified 88 publicly disclosed security incidents and 35,566,046 compromised records. That’s because we’re looking for ways to improve the way we deliver this data. Data breaches.

Data breaches

Data breaches Ransomware Education Phishing

Data Breaches and Cyber Attacks Quarterly Review: Q1 2022

IT Governance

APRIL 12, 2022

Welcome to our first quarterly review of security incidents for 2022, in which we take a closer look at the information gathered in our monthly list of data breaches and cyber attacks. IT Governance discovered 266 security incidents between January and March 2022, which accounted for 75,099,482 breached records.

Data breaches

Data breaches Ransomware Government Retail

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

List of data breaches and cyber attacks in December 2022 – 31.5 million records breached

IT Governance

JANUARY 3, 2023

December can be the best or worst time to suffer a data breach. On the one hand, people have started to wind down to the end of the year, all attention is on holidays and a data breach is more likely to fall under the data. But for the very same reasons, a December data breach can be the worst possible scenario.

Data breaches

Data breaches Ransomware e-Discovery Insurance

Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant

Security Affairs

JUNE 6, 2022

LockBit ransomware gang claims to have hacked the cybersecurity firm Mandiant, which is investigating the alleged security breach. Today the LockBit ransomware gang has added the cybersecurity firm Mandiant to the list of victims published on its darkweb leak site. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware Cybersecurity Archiving Security

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Data Protection Report

NOVEMBER 8, 2023

On November 1, 2023, the New York Department of Financial Services (“NYDFS”) released the finalized amendments of Part 500 of its cybersecurity regulations. Some requirements also apply specifically to larger covered entities falling under the “Class A companies” category.

Financial Services

Financial Services Cybersecurity Compliance Government

List of Data Breaches and Cyber Attacks in October 2022 – 9.9 Million Records Breached

IT Governance

NOVEMBER 1, 2022

Welcome to our October 2022 review of data breaches and cyber attacks. We identified 102 security incidents throughout the month, which is the second largest figure so far this year – trailing only August (112). However, it’s a warning sign for all organisations about the dangers of misconfigured Internet-facing servers.

Data breaches

Data breaches Ransomware Insurance Phishing

GUEST ESSAY: Stolen logons, brute force hacking get used the most to breach web, email servers

The Last Watchdog

AUGUST 29, 2022

Web application attacks directed at organizations’ web and mail servers continue to take the lead in cybersecurity incidents. This is according to Verizon’s latest 2022 Data Breach Investigations Report ( DBIR ). Ignoring it, on the other hand, can lead to complications such as an unwarranted data breach.

Passwords

Passwords Data breaches Authentication Cybersecurity

China Releases Draft Regulations on Network Data Security Management

Hunton Privacy

JANUARY 26, 2022

On November 14, 2021, the Cyberspace Administration of China (“CAC”) released for public comment its draft Regulations on Network Data Security Management (the “Draft Regulations”). In this blog post, we discuss several of the key areas addressed by the Draft Regulations. Data Breach. Cybersecurity Review.

Security

Security Data breaches Personal data Cybersecurity

Security Affairs newsletter Round 369 by Pierluigi Paganini

Security Affairs

JUNE 12, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. To nominate, please visit:?.

Security

Security Ransomware Cybersecurity Encryption

This Cybersecurity Awareness Month, Implement Multi-Factor Authentication

Rocket Software

OCTOBER 28, 2021

The White House has proclaimed October Cybersecurity Awareness Month, promoting efforts by the Cybersecurity and Infrastructure Security Agency (CISA) to encourage the public to be “Cyber Smart” and stay safe online. To constitute MFA, users should be asked to provide a combination of these categories. . In the U.S.,

Authentication

Authentication Cybersecurity Passwords Access

Thales Wins Cybersecurity Excellence Awards for Encryption and Identity and Access Management Solutions

Thales Cloud Protection & Licensing

MAY 21, 2019

Thales’s SafeNet Data Protection on Demand and SafeNet Trusted Access solutions have won the gold award in the Encryption and Identity and Access Management categories of the 2019 Cybersecurity Excellence Awards. We’re delighted to have won gold in two categories this year for our security solutions.

Encryption

Encryption Access Cybersecurity Cloud

GUEST ESSAY: Advanced tools, tactics required to defend latest attack variant — ‘DeepSea phishing’

The Last Watchdog

JULY 14, 2022

Despite increased public awareness of cybersecurity risks and safe browsing practices, the impact of phishing has increased exponentially – IBM’s 2021 Cost of Data Breach Report found phishing to be the second most expensive attack vector for enterprises. companies rising to $14.8 million in 2021 , compared with $3.8

Phishing

Phishing Cybersecurity Cloud Education

GUEST ESSAY — How threat detection services for SMBs are continuing to evolve and improve

The Last Watchdog

JANUARY 22, 2023

Small and medium-sized businesses are facing immense security challenges and these are the same as those of mid-size or larger enterprises. Organizations are confronted with a severe security threats landscape, and it is critical that they have the ability to prevent, detect and respond to these threats in a timely manner.

Artificial Intelligence

Artificial Intelligence Marketing Phishing Cloud

Strengthening cybersecurity in life sciences with IBM and AWS

IBM Big Data Hub

MAY 26, 2023

The role of AWS and cloud security in life sciences However, with greater power comes great responsibility. According to IBM’s Cost of a data breach 2022 report, 83% of organizations studied have had more than one data breach, and 60% of these breaches caused organizations to pass price increases on to clients.

Cybersecurity

Cybersecurity Cloud Compliance Computer and Electronics

CyberheistNews Vol 13 #25 [Fingerprints All Over] Stolen Credentials Are the No. 1 Root Cause of Data Breaches

KnowBe4

JUNE 20, 2023

1 Root Cause of Data Breaches Verizon's DBIR always has a lot of information to unpack, so I'll continue my review by covering how stolen credentials play a role in attacks. So, what does the report say about the most common threat actions that are involved in data breaches? Your employees are your last line of defense.

Data breaches

Data breaches Phishing Security awareness Ransomware

API Security Best Practices

Security Affairs

JUNE 14, 2022

Organizations are rapidly opening their ecosystem through Application Programming Interfaces (API) by ensuring seamless access to data and interaction with external software components and services. APIs are the gateway to providing the high security of data in an organization. Prioritize Security.

Security

Security Authentication Encryption Access

FTC ANPR Explores Wide Ranging Topics for Privacy and Cybersecurity Rulemaking

Data Matters

AUGUST 25, 2022

On Thursday, August 11, the Federal Trade Commission (“FTC”) announced that it is exploring rules to crack down on harmful commercial surveillance and lax data security practices. This change opened the ability for the FTC to expand its oversight of privacy and cybersecurity issues.

Privacy

Privacy Cybersecurity Data Privacy Data collection

Security Affairs newsletter Round 370 by Pierluigi Paganini

Security Affairs

JUNE 20, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. To nominate, please visit:?.

Security

Security Ransomware Libraries Encryption

Reuters: Russia-linked APT behind Brexit leak website

Security Affairs

MAY 28, 2022

According to a Google cybersecurity official and the former head of UK foreign intelligence, the “Very English Coop d’Etat” website was set up to publish private emails from Brexit supporters, including former British MI6 chief Richard Dearlove, leading Brexit campaigner Gisela Stuart, and historian Robert Tombs. .

Cybersecurity

Cybersecurity Authentication Security IT

LockBit ransomware attack impacted production in a Mexican Foxconn plant

Security Affairs

JUNE 2, 2022

The company’s cybersecurity team has been carrying out the recovery plan accordingly. The cybersecurity attack is estimated to have little impact on the Group’s overall operations. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Pierluigi Paganini.

Ransomware

Ransomware Manufacturing Cybersecurity Security

Italian National Cybersecurity Perimeter: With great power comes great responsibility!

Privacy and Cybersecurity Law

JUNE 23, 2021

The newly adopted Regulation on notification of security incidents. Classification of security incidents and notifications. Starting from January 1, 2022 [2] , the Operators included in the NCSP will be required to notify incidents to the Inter-ministerial Committee for the Security of the Republic (“ CSIRT ”).

Cybersecurity

Cybersecurity Communications Data breaches Security

New York Enacts Stricter Data Cybersecurity Laws

Data Matters

AUGUST 5, 2019

On July 25, 2019, Governor Cuomo signed the two bills into law, one which amended the state’s data breach notification law, and another that created additional obligations for data breaches at credit reporting agencies. The Stop Hacks and Improve Electronic Data Security Act.

Cybersecurity

Cybersecurity Data breaches Privacy Risk

Vice Society ransomware gang adds the Italian City of Palermo to its data leak site

Security Affairs

JUNE 10, 2022

In response to the security breach, the IT infrastructure of the city was shut down. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Ransomware

Ransomware IT Data breaches Education

Unlocking AI potential for CISOs: A framework for safe adoption

OpenText Information Management

MAY 6, 2024

Some of these AIs include machine learning (ML), and natural language processing (NLP) in the AI category, which makes AI more inclusive. AI trends – what is the role of AI in the security market? As AI development and usage continue to evolve, the security landscape is bound to evolve with them. billion by 2030.

Artificial Intelligence

Artificial Intelligence Security awareness Security Risk

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Sales

Sales Education Phishing Passwords

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

It applies to nearly any organization that processes EEA residents’ data for any purpose. The only data processing activities exempt from the GDPR are national security or law enforcement activities and purely personal uses of data. Criminal conviction data can only be controlled by public authorities.

GDPR

GDPR Compliance Personal data Privacy

Penetration testing methodologies and standards

IBM Big Data Hub

JANUARY 24, 2024

To mitigate and prepare for such risks, penetration testing is a necessary step in finding security vulnerabilities that an attacker might use. A penetration test , or “pen test,” is a security test that is run to mock a cyberattack in action. These attacks are often performed by red teams, or offensive security team.

Risk

Risk Data breaches Authentication Cybersecurity

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The GDPR applies to any organization that processes the personal data of European residents, regardless of where that organization is based. Finally, the GDPR applies to the processing of personal data for virtually any reason: commercial, academic, governmental, and otherwise.

GDPR

GDPR Compliance Personal data Privacy

The Week in Cyber Security and Data Privacy: 11 – 18 December 2023

IT Governance

DECEMBER 19, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. We’re also introducing two new categories this week: ‘AI’ and ‘Key dates’. Data breached: personal data belonging to 14,690,284 individuals.

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

ALPHV/BlackCat ransomware gang starts publishing victims’ data on the clear web

Security Affairs

JUNE 16, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Ransomware

Ransomware Cybersecurity Security Access

Anonymous: Operation Russia after 100 days of war

Security Affairs

JUNE 4, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Archiving

Archiving Government Passwords Cybersecurity

Google expert detailed a 5-Year-Old flaw in Apple Safari exploited in the wild

Security Affairs

JUNE 20, 2022

“This blog is the story of a “zombie” Safari 0-day and how it came back from the dead to be disclosed as exploited in-the-wild in 2022. reads the security advisory published by Apple. “A ” Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Security

Security IT Cybersecurity Data breaches

Why Do Hackers Hack? It’s About the Money, Apparently: Cybersecurity Trends

eDiscovery Daily

MAY 12, 2019

So says the 2019 Verizon Data Breach Investigations Report (DBIR), which analyzes the reported cybersecurity and data breach incidents for the year. While that is the highest category, it is 15% lower than last year. Have you ever experienced any data breaches, either personally or professionally?

Cybersecurity

Cybersecurity Data breaches Phishing Education

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) ( Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems ) whilst the General Court of the EU will consider the future of Privacy Shield (La Quadrature du Net v Commission). Be one step ahead.

Privacy

Privacy GDPR Data breaches Risk

CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

KnowBe4

MARCH 14, 2023

CyberheistNews Vol 13 #11 | March 14th, 2023 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears Robert Lemos at DARKReading just reported on a worrying trend. In a recent report, data security service Cyberhaven detected and blocked requests to input data into ChatGPT from 4.2%

Phishing

Phishing Security Artificial Intelligence Security awareness

Let’s give a look at the Dark Web Price Index 2022

Security Affairs

JUNE 15, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Privacy

Privacy Cybersecurity Security IT

CyberheistNews Vol 13 #24 [The Mind's Bias] Pretexting Now Tops Phishing in Social Engineering Attacks

KnowBe4

JUNE 13, 2023

CyberheistNews Vol 13 #24 | June 13th, 2023 [The Mind's Bias] Pretexting Now Tops Phishing in Social Engineering Attacks The New Verizon DBIR is a treasure trove of data. Blog post with screen shots and links: [link] A Master Class on Cybersecurity: Roger A. Let's drill down a bit more in the social engineering section.

Phishing

Phishing Passwords Data breaches Security awareness

California Privacy Law Overhaul – Proposition 24 Passes

Data Matters

NOVEMBER 4, 2020

Third, it creates a new category of businesses: those that voluntarily agree to be subject to the CCPA. The CPRA creates a new category of information called “sensitive personal information.” However, in some cases, the definition of “business” is narrowed. New Rights for Sensitive Personal Information.

Privacy

Privacy B2B Sales Data breaches

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

APRIL 23, 2018

Recent guidance from the Securities and Exchange Commission (SEC) on disclosure and enforcement actions by the Federal Trade Commission (FTC) make clear that cybersecurity is no longer a niche topic, but a concern significant enough to warrant the oversight of corporate boards of directors. Adopting the NIST Cybersecurity Framework.

Cybersecurity

Cybersecurity Risk Passwords Authentication

China Data Law Update: Certification Rules and Draft Standard Contract Are Issued

Data Matters

JULY 14, 2022

The final version does not substantially depart from the exposure draft, which has been discussed in our previous blog post. In that event, the company will have to pass a governmental security review in order to continue to lawfully export personal information from China. What are the procedures to follow the standard contract route?

Compliance

Compliance Risk Data breaches Cybersecurity

Capita Admits That Its ‘Cyber Incident’ Was Ransomware and That Customer Data Was Breached

IT Governance

APRIL 20, 2023

It also works extensively with the Department of Work and Pensions, managing its payment assessment systems, and has contracts with the NHS, National Cyber Security Centre, the Cabinet Office and other government agencies. In most cases, identifying a data breach in nine days is something to be applauded. So far, so good.

Ransomware

Ransomware IT Data breaches Access

The Return of the Mac: CCPA 2.0 Qualifies for California’s November 2020 Ballot and Could Usher In Sweeping Changes to CCPA

Data Matters

JUNE 26, 2020

Data Retention Disclosure. Businesses would be required, at or before the point of collection, to inform consumers as to the length of time the business intends to retain each category of personal information. Data Security and Cooperation with Data Subject Requests Codified for Service Providers and Third Parties.

Data breaches

Data breaches Privacy Passwords Risk

CyberheistNews Vol 13 #15 [The New Face of Fraud] FTC Sheds Light on AI-Enhanced Family Emergency Scams

KnowBe4

APRIL 11, 2023

Share with friends, family and co-workers: [link] A Master Class on IT Security: Roger A. Grimes, Data-Driven Defense Evangelist at KnowBe4. This puts the onus on cybersecurity solutions and the users themselves, as the only additional means to keep the org secure. Full text of the alert is at the FTC website.

Passwords

Passwords Phishing Ransomware Security awareness

List of Data Breaches and Cyber Attacks in August 2023 – 79,729,271 Records Breached

List of Data Breaches and Cyber Attacks in September 2022 – 35.6 Million Records Breached

Webinars

Trending Sources

Data Breaches and Cyber Attacks Quarterly Review: Q1 2022

Webinars

List of data breaches and cyber attacks in December 2022 – 31.5 million records breached

Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

List of Data Breaches and Cyber Attacks in October 2022 – 9.9 Million Records Breached

GUEST ESSAY: Stolen logons, brute force hacking get used the most to breach web, email servers

China Releases Draft Regulations on Network Data Security Management

Security Affairs newsletter Round 369 by Pierluigi Paganini

This Cybersecurity Awareness Month, Implement Multi-Factor Authentication

Thales Wins Cybersecurity Excellence Awards for Encryption and Identity and Access Management Solutions

GUEST ESSAY: Advanced tools, tactics required to defend latest attack variant — ‘DeepSea phishing’

GUEST ESSAY — How threat detection services for SMBs are continuing to evolve and improve

Strengthening cybersecurity in life sciences with IBM and AWS

CyberheistNews Vol 13 #25 [Fingerprints All Over] Stolen Credentials Are the No. 1 Root Cause of Data Breaches

API Security Best Practices

FTC ANPR Explores Wide Ranging Topics for Privacy and Cybersecurity Rulemaking

Security Affairs newsletter Round 370 by Pierluigi Paganini

Reuters: Russia-linked APT behind Brexit leak website

LockBit ransomware attack impacted production in a Mexican Foxconn plant

Italian National Cybersecurity Perimeter: With great power comes great responsibility!

New York Enacts Stricter Data Cybersecurity Laws

Vice Society ransomware gang adds the Italian City of Palermo to its data leak site

Unlocking AI potential for CISOs: A framework for safe adoption

FBI: Compromised US academic credentials available on various cybercrime forums

GDPR compliance checklist

Penetration testing methodologies and standards

How to implement the General Data Protection Regulation (GDPR)

The Week in Cyber Security and Data Privacy: 11 – 18 December 2023

ALPHV/BlackCat ransomware gang starts publishing victims’ data on the clear web

Anonymous: Operation Russia after 100 days of war

Google expert detailed a 5-Year-Old flaw in Apple Safari exploited in the wild

Why Do Hackers Hack? It’s About the Money, Apparently: Cybersecurity Trends

The Privacy Officers’ New Year’s Resolutions

CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

Let’s give a look at the Dark Web Price Index 2022

CyberheistNews Vol 13 #24 [The Mind's Bias] Pretexting Now Tops Phishing in Social Engineering Attacks

California Privacy Law Overhaul – Proposition 24 Passes

An Approach to Cybersecurity Risk Oversight for Corporate Directors

China Data Law Update: Certification Rules and Draft Standard Contract Are Issued

Capita Admits That Its ‘Cyber Incident’ Was Ransomware and That Customer Data Was Breached

The Return of the Mac: CCPA 2.0 Qualifies for California’s November 2020 Ballot and Could Usher In Sweeping Changes to CCPA

CyberheistNews Vol 13 #15 [The New Face of Fraud] FTC Sheds Light on AI-Enhanced Family Emergency Scams

Stay Connected