Data security news & resources

Qantas is warning millions of customers that their personal data could be exposed after a cyber attack hit a third-party platform used by one of its offshore contact centers. Here’s everything we know about the breach so far.  How did the breach happen?  Qantas says it detected unusual activity on the affected third-party system earlier […]

All employees make mistakes—whether that’s a typo in an email, sending a document to the wrong person or missing a deadline.  Some mistakes, though, have greater consequences than others, especially when it comes to cybersecurity and compliance.  Sending a sensitive document to the wrong recipient, for example, can be an immediate data breach and compliance […]

In the alphabet soup of cloud security tools, few acronyms have risen faster—or with more promise—than data security posture management (DSPM). Touted as a cure-all for sensitive data exposure, DSPM promises deep visibility into cloud environments.  But as many CISOs have found, visibility alone isn’t enough. DSPM might show you where the problems are—but it […]

On May 15, the crypto giant, Coinbase, announced that malicious actors had gotten away with the personal information of tens of thousands of customers—an incident set to cost the company nearly $400 million.  But the scale of this breach isn’t the major story. It’s how the cybercriminals did it—bribing outsourced customer service agents to steal […]

The Texas Department of Transportation (TxDOT) has disclosed a data breach after a threat actor accessed and downloaded 300,000 crash records from its database. The breach took place on May 12, 2025, and stemmed from a login using compromised credentials—yet another example of how a single weak link in identity security can put huge amounts […]

Crypto exchange giant Coinbase has confirmed a significant data breach involving bribed support contractors, compromised customer information, and a $20 million extortion demand. The attack is expected to cost the company up to $400 million in remediation and reimbursements—and it didn’t involve a single line of malware.  Here’s everything we know so far.  How did […]

Companies are pouring more money than ever into training their people to spot and stop cyber threats. But despite the investment, one stubborn issue won’t go away: humans are still behind the vast majority of data breaches. Even with security awareness training becoming the norm, the numbers show they’re having little impact—60% of breaches still […]

In the past month alone, big names like Hertz, WK Kellogg, and DBS Bank have all reported serious data breaches. But these attacks weren’t the result of flaws in their own systems. Instead, attackers exploited weaknesses in their software supply chains—targeting third-party vendors to get in. This kind of breach is becoming less of an […]

Account takeover (ATO) attacks are rising year after year, despite organizations investing heavily in multi-factor authentication. The reason? Cybercriminals’ tactics are evolving—and MFA is no match.  Just take last month’s phishing attack targeting Microsoft ADFS. Hackers sent fake IT emails, tricking employees into logging into a cloned ADFS page. The moment victims entered their credentials […]

As more organizations embrace cloud applications like Google Workspace and Microsoft 365, the security risks are escalating. In fact, 4 out of 5 companies have fallen victim to a cloud security breach in the last 18 months.  While it’s easy to blame the cloud itself, the reality is more complex: these breaches are not typically […]

Generative AI tools like ChatGPT and Bard are taking the world by storm—at a rate faster than security teams can keep up. Today, 78% of knowledge workers use third-party GenAI tools. Yet, just a third of organizations say they have defined guidelines on AI usage in place.  As more and more corporate data flows into […]