Allstate Insurance Dropped the Ball on Ensuring Data Security
More news of unencrypted, plaintext data from a major organization being left in the open for cyber criminals. Not merely a set of discarded hard drives at a random Netherlands air base, now the state of New York is suing insurance giant Allstate for their lack of digital cyber hygiene: websites that left personal information… Read More
Is Sensitive Data Your New Carry On Luggage?
Sensitive data on unencrypted devices has become way too common these days, popping up in places they definitely shouldn’t be. We’ll get back to why such devices shouldn’t lack encryption in the first place, but it’s still shocking when you hear how a bundle of 500 GB hard drives picked up at a Netherlands airbase… Read More
More Internet of Things Insecurity
Another week, another exposure of billions of records of sensitive data. The integrity of Internet of Things-based (IoT) cybersecurity has always been a major concern since its proliferation in recent years; Palo Alto Networks reports that even now, 57% of IoT devices have insufficient security, and 98% of device data is unencrypted. In direct consequence… Read More
Change Healthcare and DeepSeek Data Security
Last year, estimates of the Change Healthcare data breach were that it could cost over $2 billion in incident response alone. Estimates for a while were also that 100 million people were affected. This was all prior to this week, when UnitedHealth announced the number was closer to 190 million. Still growing, the number will… Read More
Personal Data of the Most Sensitive Kind
Student data is a valuable resource for cyber criminals. Minors have plenty of sensitive personal information, but may lack awareness of the risks it carries. Parents also may not monitor it until they are older. For these reasons, such data is more vulnerable to going unnoticed should it be compromised. And compromised it has been… Read More
New Regulations for the Internet of Things?
Government-mandated standards and practices are on the verge of sweeping changes not perhaps seen since Europe’s GDPR. Reflecting this shift are incidents like last year’s bevy of state sponsored Chinese hackers targeting various industries and critical infrastructure, including such agencies as the US Treasury. In this case, a stolen API key from a third-party vendor… Read More
Last Minute Breach News of 2024
End of year for cybersecurity means planning annual budgets, evaluation, and last minute fines against violators of regulations. While healthcare has been an especially hard hit sector, people’s online activity on social media platforms continues to carry great risk to personal information. Ireland’s privacy regulator, the Data Protection Commission (DPC), has been particularly active in… Read More
NPD Shutters and Hackers Trending Younger
The average age of those arrested for cybercrime is trending younger and younger, currently in the teens. The latest report from Experian, predicting upcoming data security trends for the next year, foresees this trend increasing, with more young people participating in cybercrime and recruitment by veterans in the field. We discussed recently how hackers like… Read More
Still More Snowflake Data Breach Ripples
The breach of cloud provider Snowflake continues to have more ripples on multiple fronts. The US government has now accused a pair of culprits as responsible for the incident, particularly for using that attack to steal 50 billion customer call and text records from AT&T (that is, nearly all of them). This sum amounted to… Read More
Smells Like Teen Cybercrime
It’s been a staple trope of fiction for a while now, the shadowy, mysterious hacker who eludes all of law enforcement’s effort, until at last they’re revealed to be some teenager. Usually this is an isolated event, but over here in reality, it’s now becoming a more common trend. Leaders in the cybersecurity field point… Read More