Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

MOVEit, a massive global fire-sharing service provider, recently suffered a data breach that could impact 100's of corporations in the United States, Europe, and many other areas of the world. The file-transfer service provider is supposed to offer a secure transfer solution, and it appears that it may not be as secure as so many hoped. This breach is the result of a ransomware attack, and that attack could result in substantial losses for so many involved.

Capital One is a large financial corporation and an American bank that offers financing and a range of other financial services to interested customers. The company works with millions of customers throughout the country, and with so much data and so many services, Capital One must rely on partners to deliver its services effectively. Its reliance on third-party companies is what caused the company to suffer from a substantial data breach that put more than 16,779 customers at risk.

Data breaches are a serious risk that can lead to a substantial amount of lost information annually. This week financial, legal, health, and education sectors were all hit. Major health insurance providers like MCNA and Harvard Pilgrim were exposed, legal company Casepoint suffered substantial data losses, the University of Rochester was hit, and Capital One also suffered significant losses.

Verizon's DBIR always has a lot of information to unpack, so I’ll continue my review by covering how stolen credentials play a role in attacks. This year's Data Breach Investigations Report has nearly 1 million incidents in their data set, making it the most statistically relevant set of report data anywhere. So, what does the report say about the most common threat actions that are involved in data breaches?

People are one of the most common factors contributing to successful data breaches. Let’s dive in deeper into the latest Verizon Data-Breach Investigations Report (DBIR) to find out how and why users are a contributor to the problem.

Harvard Pilgrim Health Care is an insurance provider that offers non-profit healthcare to residents in a variety of different states, including New Hampshire, Maine, Connecticut, and Massachusetts. The company generates more than $622 million in revenue annually and employs over 4,400 people during its regular operations. It works with millions of patients, and a mix of those patients was exposed in the recent data breach impacting that company.

Cyberint discovered in the ‘wild’ what could possibly be associated with the ‘Cardpool’ gift card breach, a file named ‘cardpool leak’. It was collected by our platform, Argos. ‘Cardpool’ was an online business where customers exchanged or sold their unwanted or partially used gift cards. It was shut down in early 2021, but it’s been discovered that in late April 2021, a Russian Threat Actor allegedly sold $38 million worth of gift cards there.

A data breach is an IT security incident where data is compromised or stolen from a system without the knowledge or authorization of its owner. But what happens when a third party is involved? Stolen data may include sensitive, proprietary, or confidential information such as credit card numbers, trade secrets, customer, or patient data. Third party breaches cost millions of dollars every year to companies of all sizes.

The University of Rochester is a mid-sized school in New York State. It was founded in 1850 and has more than 12,000 students overall. The school maintains over 30,000 staff members overall and manages a large amount of data for all those individuals. Since data is largely digital today, the school is a major target for data breaches and identity theft. With breaches becoming so common today, it's not surprising the school suffered from a recent breach.

Casepoint is one of the first companies to get approval to serve as an eDiscovery tool for Federal and State governments in the United States. The company manages legal data for huge agencies and is the home of many legal secrets that could provide lawyers with an edge if they had access to all the company's data. That's why Casepoint suffering from a data breach is such a significant problem.