Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Our digital footprint, the trail of data and information left behind while using the internet, can be overwhelming. It encompasses everything from our social media posts and the websites we have visited to the emails we’ve sent and the online searches we have conducted. With all this information floating around, consumers have a legitimate interest in controlling that flow of information.

In cybersecurity, piggybacking refers to an unauthorized person gaining access to a restricted area or system by exploiting the access privileges of an authorized user, typically by following them or leveraging their credentials, usually without their knowledge or consent.

Cybersecurity is not merely about firewalls and antivirus anymore—now, your biggest vulnerability might be a third-party vendor. As companies more and more depend on outside partners, third-party hacks have become one of the biggest threats to business security.

On April 9, 2025, Blue Shield of California sent shockwaves through the healthcare industry with a data breach notification revealing that protected health information (PHI) may have been shared with Google Ads for nearly three years due to a misconfigured Google Analytics setup. This incident, affecting an undisclosed number of members, underscores the critical risks of noncompliance with HIPAA rules for online tracking technologies.

Over the past few days, we have been in direct contact with a hacker who goes by the alias Rose87168. He claims to have breached Oracle Cloud systems, specifically targeting Oracle WebLogic and Oracle Access Manager (OAM). The hacker has provided us with multiple files and data samples, including a tree file and a 10,000-line dataset, which allegedly contain sensitive configuration files, user authentication data, and directory structures from Oracle's infrastructure.

Departing workers can pose significant risks to data. Let me share a story about an individual who stole and deleted valuable research data right before submitting his resignation: six weeks after a contingent worker left the company, the FBI contacted us. It turned out that the individual had tried to sell the company’s confidential data to a third party. When he left, everything seemed normal.

Protecting military secrets is critical to national security. It’s not just about securing information; it’s about ensuring our safety and maintaining a strategic advantage. Sweeping legislation, technology, and security protocols are in place to prevent classified information leaks within Defense, which extend down to Defense contractors. However, despite technological advances, humans remain the weakest link when it comes to protecting national secrets.