Consolidation and Integration of Big Tech
Not one day after my last post, snarking about AI, movies like Terminator and their unlearned lessons, and one of the most Skynet-esque global computer failures occurs. Weird how that happens. The global Microsoft Windows outage that has been on everyone’s minds this past week is such a glaring example. Now, obviously the CrowdStrike software… Read More
How Seriously Do We Take AI Data Security Risks?
I swear, sometimes it’s like nobody watched the Terminator or Matrix movies. News has come out that a hacker accessed proprietary information from OpenAI on the development of their products. No loss of customer or partner data, or access to main repository systems has been reported. And while OpenAI has claimed this incident doesn’t represent… Read More
Change in the Ransomware Status Quo?
A curiously uncorroborated claim by famous Russian ransomware group, LockBit, is stirring up the news this week. Their newest threat is the release of 33 terabytes of American citizens’ banking data, acquired in an alleged (by them) data breach of the U.S. Federal Reserve. The question so far, however, is did LockBit actually breach the… Read More
Blackbaud’s Latest Data Breach Settlement
Four years since the event, Blackbaud is continuing to pay for its 2020 data breach. Most recently, they are now settling against charges of violations of HIPAA and California data security laws, which led to its breach. An incident in which hackers gained access to internal systems and personal data (including Social Security numbers, bank… Read More
Ripples of the Snowflake Breach
Ticketmaster and its parent corporation, Live Nation, are being particularly reticent on details surrounding a data breach against the live events giant. Aside from the allegations that it is a breach of massive proportions, and that a third-party vendor’s cloud database was compromised, not much is known. “On May 27, a criminal threat actor offered… Read More
Recent reports on the exploitation of cyber weaknesses
Vulnerability exploitation as a source of data security incidents is at a record high, according to the latest Verizon Data Breach Investigations Report (DBIR). Compared to 2022, vulnerability exploits nearly tripled last year. Of the over 30,000 security incidents and more than 10,000 breaches analyzed in the report, this accounts for 14% of the total. … Read More
Cyber Threats to Critical Infrastructure Persist
Cyberattacks against critical infrastructure is a subject you might often hear in the news as a potential risk of our connected, online world. Never has this been more the case than in the diffuse workforce of the post-Covid era. This remains an ongoing problem, as a recent tank overflow at a Texas water treatment plants… Read More
Forward Progress on America’s GDPR?
Congress is gradually approaching a new federal data privacy and protection standard for the US. Proposed in 2022, the American Data Privacy and Protection Act (ADPPA) was a bipartisan attempt at federal data privacy legislation, and the first to successfully pass committee markup. Now, after revisions to the initial bill, both House and Senate committees… Read More
From outages to data breaches for AT&T
Not even two months since a massive, nationwide outage left millions of their customers without cell service for hours, AT&T is again in the news for a major data breach. Over the weekend, the company revealed that over 73 million current and former customers had their data released on the dark web, though the origin… Read More
Fujitsu’s breach and Microsoft’s legacy security
Japanese IT firm Fujitsu has another data breach on its hands that has put customers at risk. After discovering malware on its corporate networks, the company conducted an internal investigation, which resulted in the discovery that sensitive personal data could be illegally exfiltrated. As Fujitsu is a firm with numerous customers among the Japanese government,… Read More