Data Breach Culprits: Phishing and Ransomware Dominate

Data Breach Today

Meanwhile, Breaches Involving Military Secrets and CCTV Footage Beset UK Government Phishing, ransomware and unauthorized access remain the leading causes of personal data breaches as well as violations of data protection rules, Britain's privacy watchdog reports.

APT Group Targeting Military Refines Its Tactics

Data Breach Today

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Russia Warns of Military Action If US Attacks Infrastructure

Data Breach Today

Russian Foreign Ministry Says Aggressive Actions in Cyberspace Won’t Go Unanswered Top Russian diplomat Andrei Krutskikh is pressuring the U.S. to back down in cyberspace after the director of U.S. Cyber Command, Army Gen.

Spear-Phishing Campaign Uses Military-Themed Documents

Data Breach Today

Cisco Talos Researchers Find Hackers Using New Dropper Called IndigoDrop A spear-phishing campaign is using military-themed malicious Microsoft Office documents to infect devices, according to researchers at Cisco Talos.

Iran's Military Reportedly Backs Ransomware Campaign

Data Breach Today

Could Cyberespionage Be Campaign's Real Purpose? Iran's Islamic Revolutionary Guard Corps was behind a ransomware campaign that used a contracting company called "Emen Net Pasargard" to target more than a dozen organizations, according to the security firm Flashpoint.

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. The U.S.

Pentagon Travel Provider Data Breach Counts 30,000 Victims

Data Breach Today

Department of Defense Has Begun Notifying Military and Civilian Breach Victims The Pentagon is warning that a data breach at a third-party travel management service provider exposed records for an estimated 30,000 civilian and military personnel. The breach alert follows a recent GAO report warning of serious cybersecurity shortcomings in U.S.

Pentagon Data Breach Exposed 30,000 Travel Records

Data Breach Today

Department of Defense Has Begun Notifying Military and Civilian Breach Victims The Pentagon is warning that a data breach at a third-party travel management service provider exposed an estimated 30,000 civilian and military personnel records. The breach alert follows a recent GAO report warning of serious cybersecurity shortcomings in U.S.

Australia Took Military System Offline Over Hack Fears

Data Breach Today

Defense Department Says No Data Was Compromised Australia reportedly took a sensitive military recruiting database offline for 10 days in February following concerns it may have been compromised. The Defense Department says there's no evidence data was stolen

Healthcare giant Magellan Health discloses data breach after ransomware attack

Security Affairs

is an American for-profit managed health care company, its customers include health plans and other managed care organizations, employers, labor unions, various military and governmental agencies and third-party administrators. ” reads the data breach notice issued by the company.

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

IT Governance

Our figures for this month are comparatively low – with 83 data breaches and cyber attacks accounting for 5,127,241 breached records – but there is a sense that we are on the brink of something. Data breaches. Data breaches.

Connecticut Tightens its Data Breach Notification Laws

Data Protection Report

Effective October 1, 2021, an amendment [1] to the Connecticut General Statute concerning data privacy breaches, Section 36a-701b, will impact notification obligations in several significant ways. Cybersecurity Data breach

Pentagon Defense Department travel records data breach

Security Affairs

Pentagon – Defense Department travel records suffered a data breach that compromised the personal information and credit card data of U.S. military and civilian personnel. The Pentagon revealed that the Defense Department travel records suffered a data breach that compromised the personal information and credit card data of U.S. military and civilian personnel. The security breach was notified to the leaders on October 4.

UK printing company Doxzoo exposed US and UK military docs

Security Affairs

UK printing company Doxzoo exposed hundreds of gigabytes of information, including documents related to the US and British military. Military documents belong to the US and UK military, experts noticed that the incident also impacted Doxzoo customers from India, Nigeria and Sri Lanka.

List of data breaches and cyber attacks in July 2020 ­– 77 million records breached

IT Governance

After mammoth amounts of personal data were leaked in May and June, we’ve seen a reversion to the mean this month. You can find our full list of publicly disclosed data breaches from July in this blog. Bitcoin scam leaks personal data of users from across the globe (248,926).

List of data breaches and cyber attacks in June 2021 – 9.8 million records breached

IT Governance

We found a comparatively low 9,780,931 breached records from publicly disclosed security incidents in June 2021. June’s figures bring the annual running total of security incidents to 729 and the total number of breached records to 3,947,030,094. Data breaches.

Report Outlines Military Health Facility Security Weaknesses

Data Breach Today

Watchdog Agency: Problems Put Patient Data at Risk Some military health facilities haven't consistently implemented security controls, putting patient data at risk, according to a new watchdog agency report. But security experts say the weaknesses are quite common at civilian health facilities as well

DOJ: Company Sold Gear With Security Flaws to US Military

Data Breach Today

military and other agencies for a decade and passing the gear off as American made Prosecutors Allege Firm Sold Chinese Surveillance Tech That Contained Vulnerabilities Federal prosecutors have charged a Long Island company, along with seven of its employees, with selling vulnerability-laden Chinese technology to the U.S.

Unsecure Database Exposed US Military Personnel Data: Report

Data Breach Today

Exposed Database Owned by AutoClerk Hotel Reservation Management System An unsecure database belonging to a company that provides hotel reservation management technology exposed about 179 GB of customer data, including travel arrangements and other data for U.S. military and other government personnel, according to a new report from two independent security researchers

List of data breaches and cyber attacks in April 2021 – 1 billion records breached

IT Governance

It was another busy month in the cyber security sector, as we discovered 143 incidents that resulted in 1,098,897,134 breached records. Ransomware was again one of the biggest contributors to that total, accounting for almost one in three data breaches. Data breaches.

List of data breaches and cyber attacks in March 2020 – 832 million records breached

IT Governance

With organisations across the globe turned upside down by the COVID-19 pandemic, there has never been a worse time to suffer a data breach or cyber attack. Australia’s Defence Force Recruiting systems were taken offline after security breach (unknown). Data breaches.

Apply Military Strategy to Cybersecurity at Black Hat Trainings Virginia

Dark Reading

This special October event in Alexandria, Virginia offers unique, practical courses in everything from data breach response to military strategy for cybersecurity

Anthem, Apple and the Pentagon: A Data-Breach Cornucopia

Threatpost

Breach Critical Infrastructure Government Hacks Privacy Vulnerabilities 000 victims 30 Anthem apple Apple ID credit card breach data breach Department of Defense goa report military personnel payment fraud Pentagon record fine travel office weapons vulnerabilitiesA record fine and two new compromises kick off the autumn compromise season.

Classified NATO documents sold on darkweb after they were stolen from Portugal

Security Affairs

The Armed Forces General Staff (Portuguese: Estado-Maior-General das Forças Armadas), or EMGFA, is the supreme military body of Portugal. Threat actors claimed to have stolen classified NATO documents from the Armed Forces General Staff agency of Portugal (EMGFA).

Autoclerk travel reservations platform data leak also impacts US Government and military

Security Affairs

vpnMentor’s discovered a breach in a database belonging to Autoclerk, a reservations management system owned by Best Western Hotels and Resorts Group. Security experts at vpnMentor’s discovered a breach in a database belonging to Autoclerk, a reservations management system owned by Best Western Hotels and Resorts Group. The data leak exposed sensitive personal information of thousands of users worldwide and hotel guests, along with a hotel and travel reservations.

Vermont’s Amendments to Data Breach Law and New Student Privacy Law Effective July 1, 2020

Hunton Privacy

On July 1, 2020, amendments to Vermont’s data breach notification law, signed into law earlier this year, will take effect along with Vermont’s new student privacy law. Security Breach Notice Act. Student Data Privacy. Security Breach U.S.

List of data breaches and cyber attacks in August 2020 – 36.6 million records breached

IT Governance

There were a massive 99 data breaches and cyber attacks in August, making it the third-biggest monthly total of the year by number of security incidents. Data breaches. The post List of data breaches and cyber attacks in August 2020 – 36.6

Threat actor claims to have hacked European manufacturer of missiles MBDA

Security Affairs

Adrastea said that they have found critical vulnerabilities in the company infrastructure and have stolen 60 GB of confidential data. We found critical vulnerabilities in your network infrastructure and gained access to the company’s files and confidential data.

Feds Offer $10 Million Reward for Russia's Sandworm Hackers

Data Breach Today

6 Russian Military Intelligence Agents Charged With Launching NotPetya Destruction The U.S. government on Tuesday announced a reward of up to $10 million for information pertaining to six alleged Russian military hackers tied to the 2017 NotPetya destructive malware campaign.

Equifax Breach: Four Members of Chinese Military Charged with Hacking

Threatpost

Feds have charged four members of the Chinese People’s Liberation Army (PLA) in connection with the infamous 2017 Equifax breach. Breach Government apache struts flaw breach china hacks Chinese people's liberation army Chinese PLA data breach Equifax Equifax breach hack Hackers personal data

Data Breach Exposes Records of 114 Million U.S. Citizens, Companies

The Security Ledger

citizens and companies was discovered sitting online unprotected due to misconfigured search, a data leak that is estimated to affect about 83 million people. The post Data Breach Exposes Records of 114 Million U.S. Related Stories Veeam mishandles Own Data, exposes 440M Customer E-mails Military documents about MQ-9 Reaper drone leaked on dark web Report: Small, Stealthy Groups Behind Worst Cybercrimes.

Analysis: Indictments in Equifax Hack

Data Breach Today

The latest edition of the ISMG Security Report analyzes the indictments of four Chinese military officers in connection with the 2017 Equifax data breach. Also featured: Advice on implementing NIST's new privacy framework; lessons learned in a breach disclosure

Chinese Cyberespionage Campaign Used Another Backdoor

Data Breach Today

Bitdefender: Naikon Targeted Military Organizations in Southeast Asia A Chinese advanced persistent threat group known as Naikon deployed a new malware backdoor to wage a lengthy cyberespionage campaign against military organizations in Southeast Asia, security firm Bitdefender reports

Chinese Military personnel charged with hacking into credit reporting agency Equifax

Security Affairs

The United States Department of Justice charged 4 Chinese military hackers with hacking into credit reporting agency Equifax. The four members of the Chinese military unit are Wu Zhiyong (???), were members of the PLA’s 54 th Research Institute, a component of the Chinese military.

Chinese Cyber Espionage Campaign Used Another Backdoor

Data Breach Today

Bitdefender: Naikon Targeted Military Organizations in Southeast Asia A Chinese advanced persistent threat group known as Naikon deployed a new malware backdoor to wage a lengthy cyber espionage campaign against military organizations in Southeast Asia, security firm Bitdefender reports

Cabinet Office at risk of further data breaches, review concludes

The Guardian Data Protection

Series of recommendations are made following leak of New Year honours list details A government department admonished for publishing honours list details in error is at “significant risk” of making further and bigger personal data breaches, a review has found.

Russian Hackers Target Private Ukrainian Energy Firm

Data Breach Today

DTEK Group Alleges Russian Hackers/Military Behind Hybrid Attacks Ukrainian private energy firm DTEK group alleges that the Russian federation has carried out a cyberattack against its facilities, crippling its infrastructure in retaliation for its owners' support of the country in its war against Russian invaders.

List of data breaches and cyber attack in March 2019 – 2.1 billion records leaked

IT Governance

There’s a new compiler at the helm of our monthly list of data breaches, following the departure of IT Governance stalwart Lewis Morgan, who leaves me with some mighty big shoes to fill. Fortunately – or, rather, unfortunately ­– the new regime has a familiar ring to it, with another mammoth list of data breaches. All-in-one widget ShareThis discloses data theft (617 million). Chinese hackers target universities in pursuit of maritime military secrets (unknown).

Military documents about MQ-9 Reaper drone leaked on dark web

The Security Ledger

Hackers have put up for sale on the dark web sensitive military documents, some associated with the U.S. military’s MQ-9 Reaper drone aircraft, one of its most lethal and technologically advanced drones, security research firm Recorded Future recently discovered. » Related Stories Fitness apps: Good for your health, not so much for military security Evasive new botnet can take over enterprise devices to steal data, spread ransomware U.S.

GUEST ESSAY: Pentagon’s security flaws highlighted in GAO audit — and recent data breach

The Last Watchdog

And yet two recent disclosures highlight just how brittle the military’s cyber defenses remain in critical areas. The result: personal information and credit card data of at least 30,000 U.S. military and civilian personnel were compromised. Being the obvious target that it is, the U.S. Department of Defense presumably has expended vast resources this century on defending its digital assets from perennial cyber attacks. Related: Why carpet bombing email campaigns endure.