Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

You can protect yourself from identity theft by safeguarding your Social Security number and other sensitive documents, regularly reviewing your credit reports, using a dark web monitoring tool and not oversharing online. Identity theft occurs when someone steals and uses your sensitive documents unbeknownst to you to gain money or access to your confidential information. Examples of sensitive documents include Social Security numbers, credit card numbers, bank account information and passport numbers.

A password is compromised when it’s leaked in a data breach and made available on the dark web, allowing others to gain unauthorized access to your online accounts. This risk not only arises from a data breach; your passwords can also be compromised in a phishing attack or if you don’t store your passwords securely. Dealing with multiple compromised passwords can be scary and stressful, but luckily there are steps you can take to protect your online accounts.

The recent Federal Communications Commission (FCC) settlement with TracFone Wireless, Inc. (TracFone) for $16 million highlights a critical vulnerability within the mobile telecommunications industry: API security. The investigation revealed unauthorized access to customer data through weaknesses in TracFone's mobile carrier APIs. This incident reminds mobile carriers to prioritize robust API security measures to safeguard customer data and ensure network integrity.

In a recent cybersecurity incident, a hacker breached Mobile Guardian, a widely used digital classroom management platform, and remotely wiped data from at least 13,000 student devices. Mobile Guardian, a partner of 'Google for Education,' offers comprehensive device management, secure web filtering, classroom management, and communication solutions for K-12 schools worldwide.

Two major organizations breached in 2023 — MGM Resorts and 23andMe — have one part of their hacks in common: identity. Initial access in the 23andMe breach came from credential stuffing, and it was a lack of access control that allowed the threat actors to move deeper into the organization, ultimately exfiltrating data from millions of user accounts.

Stolen credentials are the easiest route into your organization for a hacker. Verizon’s 2023 Data Breach Investigation Report found that threat actors used stolen credentials in 49% of attempts to gain unauthorized access to organizations. The problem IT teams face is knowing when credentials have been stolen or leaked in a breach – otherwise you’re waiting to respond to a security issue rather than handling it proactively.

New data shows that cyber attacks have resulted in double the number of data breaches in 2024 than throughout all of 2023. After a data breach, there are two common impacts– an organization with disrupted operations and customer victims. We tend to focus only on the duration it takes for an organization to regain normal operations, but the total number of victims from a data breach can take years to tally.

Access to data comes with significant responsibility, and misuse of this access can negatively affect organizations. When employees misuse data for personal gain or other unauthorized purposes, it can jeopardize data security and lead to costly breaches. Indeed, 68% of data breaches involve a human element, according to the 2024 Data Breach Investigations Report by Verizon.

A recent security incident has shaken the cryptocurrency community as Gemini, a prominent US-based crypto exchange, disclosed a supply chain breach that compromised personal and banking information of thousands of customers. This breach underscores the importance of robust digital footprint analysis and brand protection strategies in the ever-evolving landscape of cybersecurity.

Breakdancing is coming to the world stage while French citizens stage a creative protest with the hashtag “JeChieDansLaSeineLe23Juin.” We’ll leave the dirty research on that to you. Regardless, the ramp-up to the 2024 Paris Olympics is proving to be an exciting and controversial affair. However, the Olympic call isn’t reserved for top athletes and sports enthusiasts. It’s also a prime opportunity for scam artists and fraudsters to exploit an influx of tourists.