This week, Colombia grappled with the aftermath of a ransomware attack against IFX Networks, Clorox suffered product shortages, a glitch allowed T-Mobile users to access other users' data, California passed restrictions for data brokers and Finland seized a dark web marketplace.
This week, ISMG editors covered the hot topics at ISMG's London Cybersecurity Summit 2023, including the technical landscape of AI, executive liability, incident response strategies in the face of a global ransomware attack and how to build personal resilience to avoid burnout.
The list of healthcare entities affected by MOVEit file transfer hacks continues to grow. Nuance Communications acknowledged that hackers had stolen data belonging to 14 of its clients, all North Carolina medical providers. Hackers may have obtained diagnostic information including imaging reports.
This week, exiled Russian journalist Galina Timchenko's iPhone was found to contain NSO Group's Pegasus spyware, a Russian businessman was sentenced for insider trading, more than 300,000 people were affected by an attack on See Tickets and period-tracking apps raised privacy concerns in the U.K.
Booking and reservation systems, as well as slot machines, hotel room door locks, ATMs and more remain offline at multiple MGM Resorts properties as the publicly traded casino hotel giant battles "a cybersecurity issue" that one group of security researchers has tied to a ransomware group attack.
This week, the Swedish DPA fined an insurer $3 million for violating GDPR, a DDoS attack disrupted a German financial agency website, Google Fitbit faced privacy complaints from Schrems, Ragnar Locker published hacked hospital data, and Seville, Spain dealt with the aftermath of a ransomware attack.
The new U.S. reporting requirements will force publicly traded companies in industries outside of financial services with fewer regulations to improve their security practices. Snyk CEO Peter McKay advised public companies in possession of credit card numbers or other PII to level up.
This week, Japan's cybersecurity agency reportedly was breached, social media companies were urged to ward off data scraping, the NSA said it respects foreign intelligence targets, Polish authorities arrested two for hacking a rail network, and a ransomware gang used GDPR fines as scare tactics.
SailPoint has agreed to buy U.K.-based privileged access management vendor Osirium for $8.3 million to better protect privileged and non-privileged identities on a single platform. The deal will allow Osirium to benefit from SailPoint's increased scale and enhanced sector and regional capabilities.
London's Metropolitan Police Service is investigating a serious data breach that may have exposed names, ranks and photographs for potentially all 47,000 personnel, after someone gained "unauthorized access to the IT system" of one of its suppliers.
Ransomware and data exfiltration attacks continue to stick victims with serious bills to cover cleanup, legal and other resulting costs - to the tune of $10.8 million and counting for cloud computing giant Rackspace, for one. Rackspace was hit by the Play ransomware group last year.
Two financial services giants hit by the mass attack on MOVEit file-sharing software - Prudential and Schwab - are the latest victims to face lawsuits from affected individuals. The suit filed against Prudential seeks 10 years of prepaid identity theft monitoring services instead of the usual two.
The tally of entities notifying federal regulators about mega health data breaches involving Clop cybercrime group hacks on Progress Software's MOVEit file transfer application keeps growing, and millions of additional individuals have been affected.
Ransomware-wielding hackers are moving faster than ever to pull the trigger on malicious encryption - but they could be bumping up against the limits of how fast they can go, say security researchers at Sophos. Better endpoint detection may be spurring ransomware hackers into acting faster.
Tesla says it is suing two former employees for perpetrating a May data breach that exposed personal information for 75,735 current and former employees. The information was contained in a massive set of data leaked to a publication on whistleblowing grounds.