Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Data Breaches

How to Fix The Top 10 Critical CVEs That Can Lead To A Data Breaches

A typical organization’s environment consists of a myriad of applications and services, each with its own unique set of ongoing vulnerabilities and flaws that could ultimately lead to a data breach. This can make IT security and operations’ job difficult, as different departments and groups within a company may utilize specific software offerings to accomplish their job functions.

Don't get breached: Learn how to prevent supply chain attacks

Cybercriminals are surprisingly lazy. Hackers are continuously cultivating their methods to achieve maximum impact with minimal effort. The adoption of a Ransomware-as-a-Service model is one example of such an achievement. But perhaps the apical point of cyberattack efficiency was achieved with the invention of the supply chain attack. A supply chain attack is a type of cyberattack where an organization is breached though vulnerabilities in its supply chain.

Cloud Threats Memo: How Leaky Are Your Cloud Apps?

Leaky cloud services are a major concern these days. As more and more organizations move their data and applications to the cloud, ensuring new forms of collaboration and agility for their workforce, setup errors and misconfigurations (or even the lack of understanding of the shared responsibility model) pose a serious risk for the new, enlarged corporate perimeter. So far, in 2021, I have collected 12 major breaches fueled by cloud misconfigurations, and I wonder how many flew under the radar.

Anatomy of a Data Breach - How to Protect Your Clients and Brand

Industry veterans Brian Lapidus and David White recently hosted a 40-minute dive into data breaches, how to expedite your response and what to expect when facing a breach of sensitive data, regardless of how it happens. The session was followed by live Q&A. Together, Brian and David have responded to thousands of data breaches worldwide and supported over 300 million customers safeguard their identity.

Fixing the "Human Error" Problem

Last year, Verizon’s data breaches report showed that “human error” was the only factor with year-over-year increases in reported incidents. The average cost of data breaches from human error stands at $3.33 million, according to IBM’s Cost of a Data Breach Report 2020. Even big companies and government entities have fallen victim to data breaches caused by human error.

How to Perform a Data Protection Impact Assessment (DPIA)

Conducting a data protection impact assessment (DPIA) or privacy impact assessment (PIA) is a complex and challenging task. Nevertheless, it’s critical to do. Data privacy concerns have become a significant focus across all industries, and for good reason: data is at higher risk than ever before. In its 2020 Q3 Data Breach QuickView Report, Risk Based Security revealed that 36 billion records were exposed during the first three quarters of 2020.

When and How to report GDPR personal data breaches (Article 33)

The Data Protection Act was brought in in 2018, and it controls and monitors the way that UK businesses and organizations use your personal data and information, such as credit, payment card, financial information, social security numbers, and any sensitive data. Under the act, it is up to everyone to ensure that they use data wisely and adhere to the data protection principles that are laid down in the act, which are.

Does a Ransomware Attack Constitute a Data Breach? Increasingly, It May

Historically, one difference between a company victimized by ransomware and those hit with a hacking intrusion that resulted in stolen data was that in a ransomware attack, the data wasn’t actually stolen, but was encrypted so that the victim would have to pay a ransom to regain access. Unlike traditional data thefts, ransomware—the theory went—didn’t really steal data. It encrypted it so that the authorized users couldn’t get to it unless a ransom was paid.

Understanding JusPay Data Breach

Juspay, an Indian payment service provider, which processes transactions for giants like Amazon, MakeMyTrip, Airtel, Flipkart, Uber and Swiggy suffered from a data breach resulting in 3.5 crore records of customer data being compromised. The data dump contains sensitive information including the card’s merchant brand, expiry date, the first six and last four digits, user name, email IDs and phone numbers. This data can be put together and used for phishing scams.