Polymer

Run a free Slack or Google Drive scan now

  • Reset
no-image

CFPB employee steals data of more than 250,000 consumers

The Consumer Financial Protection Bureau (CFPB) is in the hot seat this week after it came to light an employee forwarded the sensitive data of over 250,000 consumers to their personal email account.  But this wasn’t just an isolated incident. The employee responsible exfiltrated sensitive information numerous times, sending over 60 emails to his personal […]

read more
no-image

Over 4 million individuals impacted by Independent Living Systems breach

Miami-based healthcare software provider, Independent Living Systems, is in the hot seat this week, after announcing a data breach that impacted over 4.2 million individuals.  The incident, which is the largest healthcare breach of the year so far, came to light on March 14, when the company shared an announcement stating it experienced an “incident […]

read more
SEC disclosure requirements

What must companies disclose to the Securities and Exchange Commission (SEC) in the event of a data breach?

Over the past 18 months, the Securities and Exchange Commission (SEC) has levied an onslaught of fines against public companies for inadequate disclosures of cybersecurity issues. In the latter half of 2021, British company Pearson agreed to pay $1 million, while First American Financial agreed to a settlement of $500,000.  Then, just last week, the […]

read more
lastpass breach

LastPass owner GoTo says hackers stole customer backups

News just in. LastPass’ parent company, GoTo, has revealed malicious actors stole encrypted customer information – and, more troublingly, a decryption key – in a November 2022 attack.  While you might not have heard of GoTo, your company will probably use at least one of its digital tools. There’s the communications platform Central, the online […]

read more
data breach

Atlassian data breach highlights crucial SaaS security learnings

Atlassian received a nasty surprise late last week, after the hacking group SiegedSec leaked stolen company data on Telegram, including confidential floor maps of its offices in Sydney and San Francisco and, more concerningly, sensitive information about its employees. Like quite a few recent breaches, the hacking group didn’t actually break into Atlassian’s IT infrastructure. […]

read more
data leak data breach

Lessons from Reddit data breach of internal documents and source code

News just in! Reddit, the hugely popular social news website and forum, has suffered a data breach. How did it happen? What did hackers steal? Should you be worried? We’ll answer all that and more below.  Let’s dive in.  How did the Reddit breach happen? As with many breaches these days, the Reddit incident has […]

read more
SaaS data breach

Top SaaS breaches of 2022

What do Uber, LastPass and Marriott have in common? They all suffered pretty huge cloud data breaches in 2022. Read on to discover how these incidents–and more–happened, and how you can stop the same thing from happening to your organization. Uber How it happened On 15th September 2022, Uber employees received a Slack message from […]

read more
AstraZeneca breach

AstraZeneca breach exposes sensitive patient data

This week, the pharmaceutical giant, AstraZeneca, hit the headlines after security researchers discovered credentials for one of the company’s internal servers on the code sharing platform, GitHub. While this is a relatively small-scale breach, there are a lot of lessons here about the risks of data exfiltration across SaaS environments. Here’s everything you need to […]

read more
insider threat

GitHub security best practices you need to know

What software developer doesn’t love GitHub? This amazing—and free—platform is a fantastic way to share code files, connect with fellow developers and collaborate on projects seamlessly.  It’s no wonder that the platform has over 32 million monthly users. But, unfortunately, many people aren’t using the platform securely. Just recently, security researchers scanned GitHub for sensitive […]

read more
SaaS data breach

What is the cost of PII on the dark web in 2022?

How much money do you think a cybercriminal needs to steal your identity on the dark web? $1000? $2000? Maybe less; $800?  Actually, the figure is much, much lower. According to recent research, cybercriminals can start purchasing personally identifiable information (PII) for as little as $15. That would buy you a hacked credit card with […]

read more
Dropbox phishing

How did Dropbox data breach of 100 GitHub repositories occur?

It looks like Dropbox has dropped the ball. In a blog post published on November 1st, the company revealed that it had suffered a data breach after a successful phishing lure fooled numerous employees. Read on to discover how this breach happened, and the critical learnings to apply to your organization.  What’s Dropbox? For those […]

read more

Get Polymer blog posts delivered to your inbox.