European regulators not afraid to enforce GDPR penalties

By now you might have heard the news that British Airways is facing a record fine from the UK’s Information Commissioner’s Office (ICO) for a late 2018 breach affecting 500,000 customers, after cyber criminal group Magecart injected lines of script to compromise the airline’s card checkout pages on its website and mobile app and steal… Read More

Continuing consequences from the Equifax breach

Just when you might have thought the Equifax story had been long put to bed, the seventh greatest breach in history has more to offer. While half of all breaches may be targeted at small businesses (according to CPO Magazine), the larger entities are the ones whose plots are likely to keep popping up from… Read More

Watch your screen, because someone else is too

When considering the various complex and sophisticated ways cyber criminals can steal data, it can be easy to overlook more mundane risks.  Take a simple screen, for example.  When you use an ATM, it’s often recommended that you take care to obscure the screen, so that potentially curious eyes around you can’t glance at the… Read More

Who is responsible for encrypting data?

Fortunately, the mass Target outage dubbed the Targetpocalypse does not appear to have been the result of a data breach.  Stores nationwide saw their registers go offline on Saturday, much to the chagrin of consumers who were left unable to consume.  A subsequent statement from the company explained it was simply a technological error at… Read More

A data buffet for cyber criminals

Both the hospitality and healthcare industries have found themselves in cybersecurity news lately.  Last month, we covered a mysterious data breach where the owner of the compromised server was in question.  As it turns out, vpnMentor researchers Noam Rotem and Ran Locar, who discovered the initial breach, have since published findings of another breach, involving… Read More

SHIELDing Your Personal Information

Well, this is interesting: This is the second week in a row with data breaches involving both encrypted passwords and digital “account tokens,” which connect to third party services.  In this regard, news compiler Flipboard’s recent breach does sound somewhat like Canva’s.  Though it’s not yet clear how, Flipboard has announced the unauthorized access of… Read More

Don’t make hackers famous at your expense

A hacker known as GnosticPlayers has now totaled over 1 billion stolen user credentials from 45 companies, according to ZDNet.  Usually, we don’t mention specific hackers in our coverage of data security incidents.  For one thing, there often isn’t a clear culprit.  Even when there is, however, naming them would hardly stir recognition in most… Read More

What can your grocery list tell hackers about you?

One recent social media phenomenon that straddles the line between funny and creepy is how various companies use their accounts.  Whoever runs their Twitter, for instance, will generally tweet in the first person, as if the business is a person.  Sometimes two or more profiles will even engage in some fashion with each other, like… Read More

No rest for health care on data security

Making the rounds last week was Verizon’s 2019 Data Breach Investigations Report.  Analyzing over 41,000 security incidents and over 2,000 data breaches during 2018, the study examines the state of affairs across industries.  One interesting figure to note is that well over half of data breaches in health care are caused by insiders; but in… Read More

What are the financial costs of a data breach?

It has been a while since we last examined what sort of financial costs companies were enduring due to data breaches.  As it happens, they’re finding out that information for themselves. In the news this week are examples of a few such penalties.  A 2016 breach is now costing retailer Eddie Bauer a $9.8 million… Read More