Tesla, SpaceX Parts Manufacturer Suffers Data Breach

Dark Reading

Visser Precision has confirmed a security incident likely caused by the data-stealing DoppelPaymer ransomware

Cybersecurity in manufacturing

OpenText Information Management

Not long ago, many manufacturing CIOs thought that cybersecurity was something only the financial sector had to worry about. Why would anyone want to hack a manufacturing plant? How times have changed – now, cybersecurity in manufacturing is definitely front and center.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Mitsubishi Electric discloses data breach, media blame China-linked APT

Security Affairs

Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate information. Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. SecurityAffairs – data breach, hacking).

Swiss rail vehicle manufacturer Stadler hit by a malware-based attack

Security Affairs

Stadler, a Swiss manufacturer of railway rolling stock disclosed a data breach, hackers attempted to blackmail the company. International rail vehicle manufacturer, Stadler , disclosed a security breach that might have also allowed the attackers to steal company data.

Airbus data breach exposes some employees’data

Security Affairs

The European airplane manufacturer Airbus announced to have suffered a data breach that exposed some employees’ data. and to mitigate the potential impact of the data breach. SecurityAffairs – hacking, data breach).

Why a Furniture Maker Had to Report a Health Data Breach

Data Breach Today

Many Employers Have Health Data That Must Be Protected Under HIPAA Sometimes, even a furniture manufacturer must report a health data breach to comply with the HIPAA Breach Notification Rule.

Adidas data breach

IT Governance

On 28 June 2018, athletic apparel company Adidas announced that its US website had suffered a data breach , exposing online customers’ personal data. The breach was detected on 26 June.

Toyota suffers second data breach in five weeks

IT Governance

Toyota has disclosed a data breach that may have affected up to 3.1 It’s the second time the car manufacturer has been breached in the last five weeks. million customers.

List of data breaches and cyber attacks in July 2018 – 139,731,894 million records leaked

IT Governance

There were some incredibly sensitive breaches this month, the majority of which were caused by human error. I imagine human error will continue to be the main cause of data breaches for decades to come – damn humans. Data breach. Hackers stole data of PM Lee and 1.5

Why you should be concerned about payment card data breaches

IT Governance

In this blog, we look at the ongoing threat of debit and credit card fraud, explaining why it appeals to cyber criminals, what they do with the stolen information and how implementing the requirements of the PCI DSS (Payment Card Industry Data Security Standard) can thwart crooks’ schemes.

Bad actor sells Huiying Medical Technology’s source code for AI-assisted COVID-19 detection

Security Affairs

Experts from Cyble identified a threat actor attempting to sell Huiying Medical Technology’s source code for AI-assisted COVID-19 detection and experimental data. researches, develops, manufactures, and distributes medical imaging devices.

Sales 101

Japan suspects HGV missile data leak in Mitsubishi security breach

Security Affairs

it suspects a possible leak of data including details of a prototype missile. Mitsubishi revealed that personal data on some 8,000 people also might have been leaked. Now, the authorities suspect a data leak that could have exposed details of a prototype missile.

Security Affairs - Untitled Article

Security Affairs

Toyota Motor Corporation (TMC) sales subsidiary and its affiliates suffered a data breach that exposed personal information of millions of customers in Japan. The car manufacturer pointed out that there is no evidence that hackers have stolen the data.

Sales 89

Top Australia Defence company Austal notifies a serious security breach

Security Affairs

Austal, a top Australia defence firm reports also working with the United States Navy has suffered a serious security breach. ” reads the data breach notification published by the company. Security Affairs – Austal, data breach).

Sales 109

Hacker breached Perceptics, a US maker of license plate readers

Security Affairs

Perceptics, a maker of vehicle license plate scanning solutions used in the US, has been hacked, attackers stole data and offered for free on the dark web. Stolen data include some databases and company documents. SecurityAffairs – Perceptics, data breach).

Customs and Border Protection (CBP) confirms hack of a subcontractor

Security Affairs

At the end of May the company Perceptics, a leader in license plate readers (LPRs), license plate recognition systems and vehicle identification products, announced to have suffered a security breach. CBP said that stolen data are not available online or in the Dark Web.

Security Affairs newsletter Round 265

Security Affairs

Breaking News data breach Hacking information security news it security it security affairs it security news malware Newsletter Pierluigi Paganini Security NewsA new round of the weekly SecurityAffairs newsletter arrived!

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

Security Affairs

Japanese defense contractors Pasco and Kobe Steel have disclosed security breaches that they have suffered back in 2016 and 2018. Pasco is Japan’s largest geospatial provider and Kobe Steel is one of the major steel manufacturers.

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

Krebs on Security

The email allowed the intruders to install malware on the victim’s PC and to compromise a second computer at the bank that had access to the STAR Network , a system run by financial industry giant First Data that the bank uses to handle debit card transactions for customers.

440M records found online in unprotected database belonging to Estée Lauder

Security Affairs

Estée L auder is an American multinational manufacturer and marketer of p restige skincare, makeup, fragrance and hair care p roducts, it owns multiple brands, distributed internationally through both digital commerce and retail channels. SecurityAffairs – Data Leak, Estée Lauder).

Security Affairs newsletter Round 264

Security Affairs

Breaking News data breach information security news it security news malware Newsletter Pierluigi Paganini Security Affairs Security NewsA new round of the weekly SecurityAffairs newsletter arrived!

New Guidance Published on Cybersecurity and Medical Devices

Data Matters

New European medical device guidance will require manufacturers to carefully review cybersecurity and IT security requirements in relation to their devices and in their product literature. This new guidance comes at the same time as a draft guidance on privacy by design has been published by the European Data Protection Board requiring product developers to implement privacy into the design of their products.

These hackers have breached FBI-affiliated websites and leaked data online

Security Affairs

Hackers publish personal data on thousands of US police officers and federal agents. Media outlet Techcrunch reported that a hacker group has breached several FBI-affiliated websites and leaked the stolen info online. Now we are structuring all the data, and soon they will be sold.

Biometric data of 1M leaked via an unsecured Suprema owned database

Security Affairs

Researchers from vpnMentor discovered the personal and biometric data (i.e. The 23-GB ElasticSearch archive was discovered earlier in August, data contained in the database were collected from customers utilizing BioStar 2. Phoenix Medical – Medical products manufacturer.

Security Affairs newsletter Round 236

Security Affairs

Imperva explains how hackers stole AWS API Key and accessed to customer data. Privacy advocates criticize Apple for sharing some users browsing data with Tencent. Click2Mail suffered a data breach that potentially impacts 200,000 registrants.

PCI DSS: Lessons to learn from recent payment card breaches

IT Governance

Over the past month or so, we’ve been discussing the threats associated with payment card breaches, and why it’s important to comply with the PCI DSS (Payment Card Industry Data Security Standard). Further reading: Why you should be concerned about payment card data breaches.

Security Affairs newsletter Round 196 – News of the week

Security Affairs

Blur data leak potentially exposed data of 2.4 Hackers have stolen customer data from Titan Manufacturing and Distributing company for nearly one year. German youngster behind massive data leak of German politicians data.

Lessons for In-House Counsel from Cybersecurity’s Front Lines

HL Chronicle of Data Protection

Cybersecurity & Data Breaches city governments cyberattack cybersecurity educational institutions energy utilities financial institutions hospital systems hotel chains in-house counsel retail risk social media sites Telecommunications

California Passes First Of Its Kind IoT Cybersecurity Law

Privacy and Cybersecurity Law

Below is a summary of California’s new law and some takeaways for IoT device manufacturers as they move toward January 1, 2020 compliance. The new law addresses the security obligations of “manufacturers” of connected devices.

Protect Your Home Office and Network With These 5 Tips

Adam Levin

Secure Your Router: If you’re still using your router’s manufacturer default password, it’s past time for a change. Be sure to change the default manufacturer password, and update software with the latest patches. Data Security Technology featured coronavirus covid-19

DHS and FBI – Hackers Are Targeting US Nuclear, Energy, and Manufacturing Facilities

Privacy and Cybersecurity Law

According to a new joint report issued by the US Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI), hackers have been penetrating the computer networks of companies that operate nuclear power stations, energy facilities, and manufacturing plants in the US since May 2017. If you or your enterprise is engaged in the energy or manufacturing sectors, cyber threat preparation and monitoring is your first line of defense against bad actors.

Proposed Changes to FDA Guidance for the Content of Premarket Submissions for Management of Cybersecurity in Medical Devices: What you Should Know

HL Chronicle of Data Protection

The new draft premarket cybersecurity guidance provides information designed to aid manufacturers in determining how to meet the agency’s expectations during premarket review of medical devices.

Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware

Krebs on Security

The reader said the apparent culprit was the Snake ransomware , a relatively new strain first detailed earlier this year that is being used to shake down large businesses, holding their IT systems and data hostage in exchange for payment in a digital currency such as bitcoin.

Reltio Supports Apple CEO Tim Cook’s Clarion Call for Stronger US Customer Data Privacy Laws

Reltio

privacy law , similar to GDPR (General Data Protection Regulation), is appropriate and timely. Five years ago this initiative would have been too big of a burden for companies because customer data is siloed throughout organizations in dozens or hundreds of separate systems. GDPR has irreversibly changed the landscape for single customer view data projects for companies doing business in Europe. Blending different types of data. Understanding data ownership.

From China with Love: New York Firm sold millions in PRC Surveillance Gear to US Government, Military

The Security Ledger

government: selling Chinese manufactured cameras and other gear to the U.S. Independent Security Researchers Feel the Chill Up North Podcast Episode 141: Massive Data Breaches Just Keep Happening.

NIST Plans To Examine Internet of Things (IoT) For Its Cybersecurity Framework

Privacy and Cybersecurity Law

In January 2017, the FTC brought its first enforcement action against a computer networking equipment manufacturer for failing to undertake what the FTC considers reasonable steps needed to secure wireless routers or IP cameras from “widely known and reasonably foreseeable” risks of unauthorized access by failing to proactively address “well-known and easily preventable security flaws.”

DHS And FBI Issue Joint Warning – Hackers Have Targeted Critical Sector Industries Since March 2016

Privacy and Cybersecurity Law

government entities and organizations in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors since at least March 2016. ” Perhaps most troubling, the DHS and FBI identified in multiple instances “the threat actors accessed workstations and servers on a corporate network that contained data output from control systems within energy generation facilities.”

Airbus suppliers were hit by four major attack in the last 12 months

Security Affairs

“The group has long been considered a tempting target because of the cutting-edge technologies that have made it one of the world’s biggest commercial plane manufacturers, as well as a strategic military supplier.”

Moody’s to Include Cyber Risk in Credit Ratings

Adam Levin

The move is seen as part of a wider initiative to gauge the risk of cyberattacks and data breaches to companies and their investors. “We’ve Other factors thought to be calculated into the overall risk include the type of company (many industries are more frequently subject to cyberattacks), and the long term impact of a breach on a company’s bottom line. Data Security Banking Cybersecurity featured credit moody's cyber risk

Risk 83

French Firms Rocked by Kasbah Hacker?

Krebs on Security

While sinkholing doesn’t clean up infected systems, it can prevent the attackers from continuing to harvest data from infected PCs or sending them new commands and malware updates.