We all know that cloud apps like Slack, Teams and Google Workspace are the backbone of modern business. But they’re also a huge risk to compliance and security.  Research shows that the average company has a $28 million data breach risk because of exposed data in SaaS environments. Risks like data leakage, compromised credentials and […]

Atlassian received a nasty surprise late last week, after the hacking group SiegedSec leaked stolen company data on Telegram, including confidential floor maps of its offices in Sydney and San Francisco and, more concerningly, sensitive information about its employees. Like quite a few recent breaches, the hacking group didn’t actually break into Atlassian’s IT infrastructure. […]

“Is it true we need to retain our HIPAA (Health Insurance Portability and Accountability Act) audit log records for six years?”  That’s a common question healthcare organizations ask us when they learn about Polymer data loss prevention (DLP) for HIPAA compliance.  While our audit reporting capabilities enable you to capture records for well over a […]

News just in! Reddit, the hugely popular social news website and forum, has suffered a data breach. How did it happen? What did hackers steal? Should you be worried? We’ll answer all that and more below.  Let’s dive in.  How did the Reddit breach happen? As with many breaches these days, the Reddit incident has […]

Zero trust. You know it’s important. You know you want to implement it in your organization. And you know it could make Slack way more secure – especially given the recent Uber breach! But there’s a problem. Moving from concept to reality is proving mighty difficult.  You’re not alone.  96% of security decision-makers state that […]

This week, the pharmaceutical giant, AstraZeneca, hit the headlines after security researchers discovered credentials for one of the company’s internal servers on the code sharing platform, GitHub. While this is a relatively small-scale breach, there are a lot of lessons here about the risks of data exfiltration across SaaS environments. Here’s everything you need to […]

In September 2022, tech giant Uber had to shut down its company Slack channels after a malicious actor sent a Slack message to multiple employees, stating: “I am a hacker.” Yikes!  This incident isn’t the first time hackers have leveraged Slack in a cyber-attack, and we’ve got a feeling it certainly won’t be the last.  […]

What software developer doesn’t love GitHub? This amazing—and free—platform is a fantastic way to share code files, connect with fellow developers and collaborate on projects seamlessly.  It’s no wonder that the platform has over 32 million monthly users. But, unfortunately, many people aren’t using the platform securely. Just recently, security researchers scanned GitHub for sensitive […]

How much money do you think a cybercriminal needs to steal your identity on the dark web? $1000? $2000? Maybe less; $800?  Actually, the figure is much, much lower. According to recent research, cybercriminals can start purchasing personally identifiable information (PII) for as little as $15. That would buy you a hacked credit card with […]

The Health Insurance Portability and Accountability Act (HIPAA) consists of several rules that HIPAA-covered entities must follow to protect the confidentiality, integrity and availability of protected patient health information (PHI).  One such rule, which we will focus on today, is the mandate to “enhance safeguards as needed to limit unnecessary or inappropriate access to and […]

It looks like Dropbox has dropped the ball. In a blog post published on November 1st, the company revealed that it had suffered a data breach after a successful phishing lure fooled numerous employees. Read on to discover how this breach happened, and the critical learnings to apply to your organization.  What’s Dropbox? For those […]