How Seriously Do We Take AI Data Security Risks?
I swear, sometimes it’s like nobody watched the Terminator or Matrix movies. News has come out that a hacker accessed proprietary information from OpenAI on the development of their products. No loss of customer or partner data, or access to main repository systems has been reported. And while OpenAI has claimed this incident doesn’t represent… Read More
Change in the Ransomware Status Quo?
A curiously uncorroborated claim by famous Russian ransomware group, LockBit, is stirring up the news this week. Their newest threat is the release of 33 terabytes of American citizens’ banking data, acquired in an alleged (by them) data breach of the U.S. Federal Reserve. The question so far, however, is did LockBit actually breach the… Read More
Blackbaud’s Latest Data Breach Settlement
Four years since the event, Blackbaud is continuing to pay for its 2020 data breach. Most recently, they are now settling against charges of violations of HIPAA and California data security laws, which led to its breach. An incident in which hackers gained access to internal systems and personal data (including Social Security numbers, bank… Read More
Ripples of the Snowflake Breach
Ticketmaster and its parent corporation, Live Nation, are being particularly reticent on details surrounding a data breach against the live events giant. Aside from the allegations that it is a breach of massive proportions, and that a third-party vendor’s cloud database was compromised, not much is known. “On May 27, a criminal threat actor offered… Read More
Recent reports on the exploitation of cyber weaknesses
Vulnerability exploitation as a source of data security incidents is at a record high, according to the latest Verizon Data Breach Investigations Report (DBIR). Compared to 2022, vulnerability exploits nearly tripled last year. Of the over 30,000 security incidents and more than 10,000 breaches analyzed in the report, this accounts for 14% of the total. … Read More
Cyber Threats to Critical Infrastructure Persist
Cyberattacks against critical infrastructure is a subject you might often hear in the news as a potential risk of our connected, online world. Never has this been more the case than in the diffuse workforce of the post-Covid era. This remains an ongoing problem, as a recent tank overflow at a Texas water treatment plants… Read More
Forward Progress on America’s GDPR?
Congress is gradually approaching a new federal data privacy and protection standard for the US. Proposed in 2022, the American Data Privacy and Protection Act (ADPPA) was a bipartisan attempt at federal data privacy legislation, and the first to successfully pass committee markup. Now, after revisions to the initial bill, both House and Senate committees… Read More
From outages to data breaches for AT&T
Not even two months since a massive, nationwide outage left millions of their customers without cell service for hours, AT&T is again in the news for a major data breach. Over the weekend, the company revealed that over 73 million current and former customers had their data released on the dark web, though the origin… Read More
Fujitsu’s breach and Microsoft’s legacy security
Japanese IT firm Fujitsu has another data breach on its hands that has put customers at risk. After discovering malware on its corporate networks, the company conducted an internal investigation, which resulted in the discovery that sensitive personal data could be illegally exfiltrated. As Fujitsu is a firm with numerous customers among the Japanese government,… Read More
Are companies looking out for your safety?
Can you as a consumer trust organizations to look after your well-being? There is no shortage of examples of companies skirting into questionable behavior in order to get a leg up, whether or not it involves risking people’s physical (health), virtual (personal data), and cloud (environmental) safety. We only have to remember incidents like Volkswagen’s… Read More