2020, Data breaches, Encryption and Government - Information Management Today

List of Data Breaches and Cyber Attacks in 2023

IT Governance

JUNE 1, 2023

Welcome to our new-look list of data breaches and cyber attacks. So, each month, we’ll update this page with the latest figures and links, so be sure to bookmark it to keep an eye out for the latest data breach news. His research also revealed that the stolen data contains 305 lines of data, including 74.4

Data breaches

Data breaches Insurance Personal data Ransomware

List of data breaches and cyber attacks in March 2020 – 832 million records breached

IT Governance

APRIL 2, 2020

With organisations across the globe turned upside down by the COVID-19 pandemic, there has never been a worse time to suffer a data breach or cyber attack. Randleman Eye Center says some files were encrypted in cyber attack (unknown). Data breaches. Detectives investigate data breach at Jefferson Co.

Data breaches

Data breaches Ransomware Energy and Utilities Phishing

Carnival confirms data breach as a result of the August ransomware attack

Security Affairs

OCTOBER 10, 2020

Carnival Corporation, the world’s largest cruise line operator, has confirmed a data breach as a result of the august ransomware attack. Carnival Corporation, the world’s largest cruise line operator, has confirmed a data breach as a result of the ransomware attack that took place in August.

Data breaches

Data breaches Ransomware Access Cybersecurity

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Top 7 Cloud Storage Security Issues & Risks (+ Mitigations)

eSecurity Planet

JANUARY 30, 2024

Availability & Reliability Cloud storage service outages affect business operations and hinder access to crucial data. Downtime limits incident response, increases the risk of data breaches, and can be used as leverage for DDoS attacks. Make the default data storage settings private. million records exposed.

Cloud

Cloud Risk Security Encryption

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. Third-party governance. Archer was named a Leader in Gartner’s 2020 Magic Quadrant for IT risk management and IT vendor risk management tools.

Compliance

Compliance Risk Government Retail

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

Hunton Privacy

JULY 1, 2022

NYDFS also found that Carnival had failed to implement basic protocols to prevent data breaches. The first cyber attack took place through a phishing email or password spray attack where unauthorized third parties gained access to 124 employee accounts and used that access to send a series of phishing emails.

Cybersecurity

Cybersecurity Insurance Phishing Financial Services

The Week in Cyber Security and Data Privacy: 13 – 19 November 2023

IT Governance

NOVEMBER 20, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. have notified 330,000 people that their personal data might have been compromised as part of the MOVEit Transfer data breach.

Data Privacy

Data Privacy Privacy Data breaches Security

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

It is perhaps best known for selling virtual private networking (VPN) software that lets users remotely access networks and computers over an encrypted connection. 10, 2020, Citrix disclosed additional details about the incident. But in a letter sent to affected individuals dated Feb. 13, 2018 and Mar.

Passwords

Passwords Access Insurance Government

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing

Thales Cloud Protection & Licensing

DECEMBER 22, 2020

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing. Tue, 12/22/2020 - 10:08. New EU restrictions could force companies to change data transfer practices and adopt more advanced data encryption methods. Multinationals Face Unique Challenges. Privacy Shield was unlawful.

Data Privacy

Data Privacy Privacy Security Encryption

Consumers have their Say about Protection of Personal Data – Call for More Stringent Controls

Thales Cloud Protection & Licensing

OCTOBER 10, 2022

Consumers have their Say about Protection of Personal Data – Call for More Stringent Controls. Tue, 10/11/2022 - 06:46. We live in a digital world in which we engage with significant social, government, retail, business and entertainment services now delivered without any direct human service management.

Personal data

Personal data Data breaches Government Authentication

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

The Last Watchdog

MARCH 21, 2022

At the same time – in fact, as a direct result of data’s central importance – more adversaries are working harder and finding more nefarious ways to steal or otherwise compromise your data. As just one measure, the number of data breaches in the first nine months of 2021 exceeded all those in 2020, a new record.

Encryption

Encryption Cloud Privacy GDPR

How $100M in Jobless Claims Went to Inmates

Krebs on Security

FEBRUARY 25, 2021

Labor Department’s inspector general said this week that roughly $100 million in fraudulent unemployment insurance claims were paid in 2020 to criminals who are already in jail. A new report (PDF) from the Labor Department’s Office of Inspector General (OIG) found that from March through October of 2020, some $3.5

Authentication

Authentication Insurance Personal data Encryption

$10,000,000 civil penalty for disclosing personal data without consent

Data Protection Report

APRIL 30, 2024

In brief, the company agreed to settle the charges—without admitting or denying the allegations—for a civil payment of $10 million (partly suspended) plus $5 million in civil relief, as part of a 20-year stipulated order. As indicated in the paragraph quoted above, the company collected some very sensitive personal information.

Personal data

Personal data Privacy Information governance Compliance

The Pain of Double Extortion Ransomware

Thales Cloud Protection & Licensing

FEBRUARY 15, 2023

The Pain of Double Extortion Ransomware divya Thu, 02/16/2023 - 06:10 Ransomware perpetrators are adopting more sophisticated attack techniques with much success. The problem is that businesses are not yet aware of double or triple extortion ransomware and how these tactics can affect their data protection strategies.

Ransomware

Ransomware Encryption Security awareness Insurance

Inside Ireland’s Public Healthcare Ransomware Scare

Krebs on Security

DECEMBER 13, 2021

On May 10, one of the hospitals detected malicious activity on its Microsoft Windows Domain Controller, a critical “keys to the kingdom” component of any Windows enterprise network that manages user authentication and network access. In October 2020, KrebsOnSecurity broke the story that the FBI and U.S.

Ransomware

Ransomware Cybersecurity Phishing Security

FTC Announces Enforcement for Inadequate Third Party Risk Management Practices Under the GLBA’s Safeguards Rule

Hunton Privacy

DECEMBER 24, 2020

On December 15, 2020, the Federal Trade Commission announced a proposed settlement with Ascension Data & Analytics, LLC, a Texas-based mortgage industry data analytics company (“Ascension”), to resolve allegations that the company failed to ensure one of its vendors was adequately securing personal information of mortgage holders.

Risk

Risk Analytics Information Security Cloud

Cruise line operator Carnival Corporation suffers a ransomware attack

Security Affairs

AUGUST 18, 2020

Carnival Corporation & plc is a British-American cruise operator, currently the world’s largest travel leisure company, with a combined fleet of over 100 vessels across 10 cruise line brands. The unauthorized access also included the download of certain of our data files,” states the 8-K form filed with the SEC.

Ransomware

Ransomware Personal data Access Data breaches

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

Most organizations express confidence in their current status and budgets, but also expect to experience at least one data breach in 2024. Compromised Credentials Compromised identities from phishing, info stealers, keyloggers, and bad password habits provide the entry point for most ransomware attacks and data breaches.

Cybersecurity

Cybersecurity Ransomware Passwords Cloud

History Doesn’t Repeat Itself in Cyberspace

Thales Cloud Protection & Licensing

AUGUST 22, 2019

With publicly announced plans to defend the 2020 elections from foreign interference, along with authorization to operate against overseas adversaries, it seems likely that the Cyber Command is stepping up its cyber warfare game, as it should. But will investment in its own technology infrastructure be commensurate with risks it faces?

Digital transformation

Digital transformation Encryption Risk Cybersecurity

Top Cybersecurity Startups to Watch in 2022

eSecurity Planet

JANUARY 11, 2022

We’ll start with the top 10 overall and then look at other noteworthy startups in a number of markets. Top 10 Cybersecurity Startups. Series A Cado Security 2020 London, UK 26 $11.5 Series B Wiz 2020 Tel Aviv, Israel 186 $230.0 Series A Cado Security 2020 London, UK 26 $11.5 Series B SECURITI.ai Perimeter 81.

Cybersecurity

Cybersecurity Cloud Compliance Analytics

Top 12 Cloud Security Best Practices for 2021

eSecurity Planet

SEPTEMBER 10, 2021

According to IDC’s 2021 State of Cloud Security Report , 79 percent of surveyed companies reported a cloud data breach in the last 18 months. Public cloud infrastructure as a service (IaaS) may be less vulnerable than traditional data centers, but that doesn’t mean it’s without its own set of risks.

Cloud

Cloud Security Encryption Risk

Nation-State-Sponsored Attacks: Not Your Grandfather’s Cyber Attacks

Data Matters

MAY 17, 2022

It used to be that data breaches were all about cyber-crooks hacking computer systems to steal personal information, followed by an affected company sending regretful notification letters offering a year or two of complimentary credit monitoring. and foreign government agencies. All rights reserved. imposed economic sanctions.

Cybersecurity

Cybersecurity Government Authentication Ransomware

Consultation paper published on Hong Kong’s data protection law

Data Protection Report

JANUARY 16, 2020

The Paper was released as part of an agenda for the upcoming Panel meeting which will be held on Monday, 20 th January 2020, and follows proposals by the Privacy Commissioner for Personal Data (the Commissioner ) to the government to amend the PDPO. Amendment to the definition of personal data.

Paper

Paper Personal data Data breaches Privacy

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

Focus on Good Hygiene to Protect Yourself Against Digital Pandemics

Thales Cloud Protection & Licensing

JANUARY 19, 2021

Tue, 01/19/2021 - 10:28. By now everyone in the security world has heard of the chaos surrounding the SolarWinds breach and the ensuing mess that has erupted. With so many companies and government agencies affected, I’m sure we will continue to hear about the story and damage for many months to come. Get the vaccine.

Encryption

Encryption Access Ransomware Digital transformation

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Brian Krebs is an independent investigative reporter known for his coverage of technology, malware , data breaches , and cybercrime developments. ICYMI, Equifax forced to pull offline a huge database of consumer data guarded only by credentials "admin/admin" [link] — briankrebs (@briankrebs) September 13, 2017.

Cybersecurity

Cybersecurity e-Discovery Passwords Information Security

Consultation paper published on Hong Kong’s data protection law

Data Protection Report

JANUARY 16, 2020

The Paper was released as part of an agenda for the upcoming Panel meeting which will be held on Monday, 20 th January 2020, and follows proposals by the Privacy Commissioner for Personal Data (the Commissioner ) to the government to amend the PDPO. Amendment to the definition of personal data.

Paper

Paper Personal data Data breaches Privacy

IAM 101: Terms you Need to Know

Thales Cloud Protection & Licensing

NOVEMBER 9, 2020

Tue, 11/10/2020 - 05:27. As cyber security awareness evolves, large-scale breaches including thefts of personal identifiable information (PII) tends to hit the news. Identity and access management (IAM) solutions play a key role in preventing data breaches by securing apps and services at the access point.

Authentication

Authentication Passwords Access Cloud

How to Comply with GDPR, PIPL, and CCPA

eSecurity Planet

DECEMBER 22, 2021

If your organization isn’t located in China but holds data on Chinese citizens, you must establish either an office or designated representative in China and register that information with the appropriate government officials. If none of those are applicable to you, then you need to get consent from each person you’re keeping data on.

GDPR

GDPR Compliance Data Privacy Privacy

Weekly podcast: Bank of England, the OPM, Patch Tuesday and Japanese minister

IT Governance

NOVEMBER 16, 2018

Hello and welcome to the IT Governance podcast for Friday, 16 November. Do you remember the 2015 data breaches at the OPM (the US federal Office of Personnel Management)? The ones that affected the unencrypted personal data of 4.2 Here are this week’s stories. million individuals ?

Encryption

Encryption Risk Passwords Government

The Burden of Privacy In Discovery

Data Matters

SEPTEMBER 29, 2021

10 At that time, it was aimed most squarely at curbing the types of duplicative, excessive, “scorched earth” discovery practices that were prevalent — i.e., at the problem of so-called “overdiscovery.”11 19 No longer are the proportionality considerations described as separate “limitations” on an inquiry governed solely by relevance.20

Privacy

Privacy e-Discovery Computer and Electronics e-Delivery

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

The CCPA goes into effect January 1, 2020. Below is a history of the CCPA, a summary of its key elements as adopted, including recently adopted technical amendments, and practical takeaways for covered entities as the law moves from passage to 2020 enforcement. The CCPA governs how businesses treat “consumer” “personal information.”

Privacy

Privacy Sales Compliance Cybersecurity

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

The CCPA goes into effect January 1, 2020. Below is a history of the CCPA, a summary of its key elements as adopted, including recently adopted technical amendments, and practical takeaways for covered entities as the law moves from passage to 2020 enforcement. The CCPA governs how businesses treat “consumer” “personal information.”

Privacy

Privacy Sales Education Compliance

Information Management Today

List of Data Breaches and Cyber Attacks in 2023

List of data breaches and cyber attacks in March 2020 – 832 million records breached

Webinars

Trending Sources

Carnival confirms data breach as a result of the August ransomware attack

Webinars

Top 7 Cloud Storage Security Issues & Risks (+ Mitigations)

Top 10 Governance, Risk and Compliance (GRC) Vendors

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

The Week in Cyber Security and Data Privacy: 13 – 19 November 2023

Hackers Were Inside Citrix for Five Months

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing

Consumers have their Say about Protection of Personal Data – Call for More Stringent Controls

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

How $100M in Jobless Claims Went to Inmates

$10,000,000 civil penalty for disclosing personal data without consent

The Pain of Double Extortion Ransomware

Inside Ireland’s Public Healthcare Ransomware Scare

FTC Announces Enforcement for Inadequate Third Party Risk Management Practices Under the GLBA’s Safeguards Rule

Cruise line operator Carnival Corporation suffers a ransomware attack

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

History Doesn’t Repeat Itself in Cyberspace

Top Cybersecurity Startups to Watch in 2022

Top 12 Cloud Security Best Practices for 2021

Nation-State-Sponsored Attacks: Not Your Grandfather’s Cyber Attacks

Consultation paper published on Hong Kong’s data protection law

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Focus on Good Hygiene to Protect Yourself Against Digital Pandemics

Top Cybersecurity Accounts to Follow on Twitter

Consultation paper published on Hong Kong’s data protection law

IAM 101: Terms you Need to Know

How to Comply with GDPR, PIPL, and CCPA

Weekly podcast: Bank of England, the OPM, Patch Tuesday and Japanese minister

The Burden of Privacy In Discovery

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Stay Connected