All Data Breach articles
-
News Brief
DOJ orders consultants to pay $11.3M total for cyber rule violations
Guidehouse and Nan McKay and Associates will pay a total of $11.3 million to the Department of Justice (DOJ) to settle allegations that cybersecurity failures led to the theft of client personal information during the height of the COVID-19 pandemic.
-
News Brief
SEC amends Reg S-P to require data breach notification within 30 days
The Securities and Exchange Commission will require broker-dealers and registered investment advisers to adopt written policies and procedures for handling data breaches of customer data and notify affected customers within 30 days.
-
Premium
Report: Human error driving growing number of data breaches
Verizon’s annual data breach report shows trends in cybersecurity incidents, including more ransomware and extortion attacks last year.
-
News Brief
AT&T: Data leak exposed info of 73M customers onto dark web
AT&T said personal account data on approximately 73 million current and former customers was released on the dark web two weeks ago but has not yet identified when and where the breach occurred.
-
News Brief
Italian DPA fines UniCredit $3M over data breach GDPR lapses
The Italian data protection authority announced a fine of €2.8 million (U.S. $3 million) against UniCredit for alleged violations of the General Data Protection Regulation regarding insufficient security measures the bank had in place during a cyberattack.
-
Premium
Experts: Good data breach response grounded in preparation
Two chief compliance officers and an attorney discussed preparation for the “when, not if” threat of a data breach during a panel at CW’s Cyber Risk & Data Privacy Summit.
-
News Brief
FTC tweaks Safeguards Rule to address data breaches
Nonbank financial institutions must report certain data breaches to the Federal Trade Commission within 30 days of discovery under a new amendment to the agency’s Safeguards Rule.
-
Premium
Risk models show finance, real estate most likely to face costly cyber events
The finance and real estate industries are at higher risk of experiencing a high-cost material cybersecurity incident, compared to other sectors, according to new research from risk modeling firm Kovrr based off data from U.S. Fortune 1,000 companies.
-
News Brief
Blackbaud settles with states for $49.5M over 2020 data breach
Software company Blackbaud agreed to pay $49.5 million in a multistate settlement addressing charges related to a 2020 cyberattack that exposed the personal data of approximately 13,000 consumers.
-
News Brief
FCA fines Equifax’s U.K. unit $13.3M over 2017 data breach
The Financial Conduct Authority fined Equifax’s U.K. unit more than £11 million (U.S. $13.3 million) regarding the company’s 2017 data breach that affected approximately 13.8 million U.K. consumers.
-
News Brief
MGM discloses $100M hit from cyberattack
MGM Resorts International said it expects to take a $100 million hit as part of the fallout of a cyberattack that has most significantly impacted its Las Vegas operations.
-
Resource
e-Book: Risks, opportunities under SEC’s cyber incident disclosure rule
The clock is ticking for public companies to put in place policies and practices to meet the requirements of the Securities and Exchange Commission’s newly approved cybersecurity incident disclosure rule.
-
Premium
IBM report: Data breach costs at all-time high; AI helping detection
The global average cost of a data breach reached a new all-time high of $4.45 million in 2023, according to IBM’s annual report.
-
Premium
Growing list of MOVEit hack victims shows damage control difficulties
More than 130 organizations are believed to have been impacted by the MOVEit hack, with millions of people’s data at risk. Experts opine on the struggles businesses face in containing exposure.
-
Premium
SEC’s Grewal spotlights enforcement focus on cyber disclosures
The No. 1 priority at the Securities and Exchange Commission after organizations are impacted by a cybersecurity incident is that investors receive timely and accurate disclosures, according to Enforcement Division Director Gurbir Grewal.
-
News Brief
APRA pressures Medibank on cyber enhancements post-breach
The Australian Prudential and Regulation Authority will require Medibank Private to hold 250 million Australian dollars (U.S. $166 million) in extra capital until the insurer remediates identified cybersecurity weaknesses after a significant data breach.
-
Premium
NAVEX report: Driven by cyber threats, infosec compliance top of mind
Compliance teams are taking more responsibility for issues related to information security and data privacy, motivated by increasing threats posed by data breaches and cyber intrusions, according to a new survey from NAVEX.
-
Premium
Shades of SolarWinds in lessons from MOVEit hack
A ransomware attack affecting some of the U.K.’s largest corporations has highlighted once again how exposed organizations can be if the levels of cybersecurity used by their third parties are not as strong as expected.
-
Premium
Verizon report: Lion’s share of data breaches linked to organized crime
About 83 percent of data breaches are perpetrated by external bad actors and not employees, with 70 percent of those breaches linked to organized crime groups with financial motives, according to the latest research.
-
News Brief
Ex-Uber security chief avoids prison in obstruction case
The former chief security officer of Uber Technologies was sentenced to probation by a federal court judge as punishment for his involvement in covering up a 2016 data breach that affected 57 million users.