Data Breaches

Indiana Healthcare System Announces Data Breach; 132k Potential Exposures

Jan 23, 2024 By Steven In IDStrong

The Columbus Regional Healthcare System (CRHS) spans ten counties in southeastern Indiana. The network includes over 2,400 employees, 200 physicians, and many volunteers. CRHS offers emergency and surgical solutions, primary and specialty care programs, and endless inpatient and outpatient service options. CRHS recently notified the Maine Attorney General’s Office of a breach within their systems; the event happened in May 2023—and has potentially compromised the data of 132,887 individuals.

Read Post

IDStrong

Read more about Indiana Healthcare System Announces Data Breach; 132k Potential Exposures

LoanDepot Updates on Cyberattack; 16.6 Million Potentially Compromised

Jan 23, 2024 By Steven In IDStrong

Based in Irvine, California, LoanDepot is a nationwide mortgage lender. Their solutions assist homeowners in purchasing land and obtaining reasonable equity costs. They are licensed in 50 states and, in 14 years, have become the most significant nonbanking lender in the US. In the second week of January, we featured a piece on LoanDepot; at the time, they were in the throes of a cyber skirmish, fighting for control of their discombobulated systems.

Read Post

IDStrong

Read more about LoanDepot Updates on Cyberattack; 16.6 Million Potentially Compromised

What is the Cost of a Data Breach in 2024?

Jan 22, 2024 By Kyle Chin In UpGuard

The cost of a data breach continues to rise every year as new attack methods, new vulnerabilities, and new risks appear. According to IBM’s Cost of a Data Breach Report 2023, the average cost of a data breach in 2023 was USD $4.45 million, a 2.3% increase from 2022’s cost of $4.35 million.

Read Post

UpGuard

Read more about What is the Cost of a Data Breach in 2024?

Russian Hackers Win Big: Microsoft's Senior Exec Team Emails Breached

Jan 20, 2024 By Stu Sjouwerman In KnowBe4

In a Friday regulatory filing, Microsoft has reported that its corporate email accounts were compromised by a Russian state-sponsored hacking group known as Midnight Blizzard, also identified as Nobelium or APT29. Microsoft's disclosure aligns with new U.S. requirements for reporting cybersecurity incidents. The attack was detected on January 12th, 2024, but it appears to have started in November 2023.

Read Post

KnowBe4

Read more about Russian Hackers Win Big: Microsoft's Senior Exec Team Emails Breached

Cyberattack Darkens Kansas State University, Network Disruptions Rampant

Jan 19, 2024 By Steven In IDStrong

Kansas State University (K-State) is below Tuttle Creek Lake in northeast Kansas. The university serves 20,000 students, employs a complex faculty of emeritus, postdocs, and graduates, and offers over 50 programs. On Tuesday (January 16th, 2024), K-State published a statement concerning the disruption of some of its services; hours later, a preliminary investigation determined the cause of the disruptions came from a cybersecurity event.

Read Post

IDStrong

Read more about Cyberattack Darkens Kansas State University, Network Disruptions Rampant

Weekly Cybersecurity Recap January 19

Jan 19, 2024 By Steven In IDStrong

This week was slow in the cybersecurity breach world; a combined 775k records got exposed stemming from two health centers (Singing River Health and Harris Center for Mental Health and IDD) and a nationwide mortgage lender (Academy Mortgage Corporation); a communications security solution (Egress) released a risk report urging action of business leaders; and Kansas State University suffered widespread disruptions, potentially compromising the sensitive data of their students and faculty.

Read Post

IDStrong

Read more about Weekly Cybersecurity Recap January 19

More Than Half of Data Breaches in the U.K.'s Legal Sector are Due to Insider Error

Jan 18, 2024 By Stu Sjouwerman In KnowBe4

A new analysis of data breaches in the United Kingdom's legal sector shows that organizations need to be looking inward more and look for ways to elevate the security awareness of employees. There’s so much focus on external cybercriminal activity, we often forget about the actions of internal employees that often facilitate a data breach.

Read Post

KnowBe4

Read more about More Than Half of Data Breaches in the U.K.'s Legal Sector are Due to Insider Error

Traditional Email Security is Failing; Business Leaders Must Evolve

Jan 18, 2024 By Steven In IDStrong

Egress Software is a cybersecurity firm specializing in digital communications. They analyze security risks within emails, messaging, documents, file-sharing gateways, and more. In their line of work, humans are the most significant cybersecurity risk to any organization.

Read Post

IDStrong

Read more about Traditional Email Security is Failing; Business Leaders Must Evolve

Fast food restaurants hacked simultaneously - Breach breakdown

Jan 17, 2024 By GitGuardian In GitGuardian

The video based on this article discusses a cybersecurity researcher's experience in uncovering a major security flaw in an AI-based hiring system called Chattr.ai, which provides services to numerous fast-food chains and hourly employers across the United States, including popular names like Applebees, Arbys, Chickfila, Dunkin, IHOP, KFC, Shoneys, Subway, Tacobell, Target, and Wendys. The researcher's investigation was triggered by their suspicion that many startups using Firebase, particularly those with the.ai top-level domain, may have exposed credentials.

View Video

GitGuardian

Read more about Fast food restaurants hacked simultaneously - Breach breakdown

Academy Mortgage Faces Disruptions; Employee and Borrower Data Compromised

Jan 17, 2024 By Steven In IDStrong

Academy Mortgage Corporation (AMC) is a nationwide mortgage lender and home loan estate professional group. The organization has over 200 branches throughout the US and numerous loan, mortgage, and financing options. In March 2023, AMC officials discovered a breach within their system network; the threat actor accessed and deactivated some of their securities, putting employees and borrowers at risk for compromised data.

Read Post