Data security news & resources

In a landmark development that will reshape how public companies navigate cybersecurity risk, the US Securities and Exchange Commission (SEC) has given the green light to a set of rules that demand greater diligence in cybersecurity risk management, strategy, governance, and incident disclosure. As of December this year, public companies will be required to promptly […]

The Consumer Financial Protection Bureau (CFPB) is in the hot seat this week after it came to light an employee forwarded the sensitive data of over 250,000 consumers to their personal email account.  But this wasn’t just an isolated incident. The employee responsible exfiltrated sensitive information numerous times, sending over 60 emails to his personal […]

Miami-based healthcare software provider, Independent Living Systems, is in the hot seat this week, after announcing a data breach that impacted over 4.2 million individuals.  The incident, which is the largest healthcare breach of the year so far, came to light on March 14, when the company shared an announcement stating it experienced an “incident […]

Over the past 18 months, the Securities and Exchange Commission (SEC) has levied an onslaught of fines against public companies for inadequate disclosures of cybersecurity issues. In the latter half of 2021, British company Pearson agreed to pay $1 million, while First American Financial agreed to a settlement of $500,000.  Then, just last week, the […]

News just in. LastPass’ parent company, GoTo, has revealed malicious actors stole encrypted customer information – and, more troublingly, a decryption key – in a November 2022 attack.  While you might not have heard of GoTo, your company will probably use at least one of its digital tools. There’s the communications platform Central, the online […]

Atlassian received a nasty surprise late last week, after the hacking group SiegedSec leaked stolen company data on Telegram, including confidential floor maps of its offices in Sydney and San Francisco and, more concerningly, sensitive information about its employees. Like quite a few recent breaches, the hacking group didn’t actually break into Atlassian’s IT infrastructure. […]

News just in! Reddit, the hugely popular social news website and forum, has suffered a data breach. How did it happen? What did hackers steal? Should you be worried? We’ll answer all that and more below.  Let’s dive in.  How did the Reddit breach happen? As with many breaches these days, the Reddit incident has […]

What do Uber, LastPass and Marriott have in common? They all suffered pretty huge cloud data breaches in 2022. Read on to discover how these incidents–and more–happened, and how you can stop the same thing from happening to your organization. Uber How it happened On 15th September 2022, Uber employees received a Slack message from […]

This week, the pharmaceutical giant, AstraZeneca, hit the headlines after security researchers discovered credentials for one of the company’s internal servers on the code sharing platform, GitHub. While this is a relatively small-scale breach, there are a lot of lessons here about the risks of data exfiltration across SaaS environments. Here’s everything you need to […]

What software developer doesn’t love GitHub? This amazing—and free—platform is a fantastic way to share code files, connect with fellow developers and collaborate on projects seamlessly.  It’s no wonder that the platform has over 32 million monthly users. But, unfortunately, many people aren’t using the platform securely. Just recently, security researchers scanned GitHub for sensitive […]

How much money do you think a cybercriminal needs to steal your identity on the dark web? $1000? $2000? Maybe less; $800?  Actually, the figure is much, much lower. According to recent research, cybercriminals can start purchasing personally identifiable information (PII) for as little as $15. That would buy you a hacked credit card with […]