Financial penalties for data breaches

Consequences abound, lately, for major companies across industries.  Most recently, T-Mobile and Uber have had to face the music regarding their respective data breaches.  In the latter, Uber has admitted to covering up its 2016 data breach in testimony to the Department of Justice (DOJ), reaching a deal with the agency to escape prosecution.  The… Read More

Log4J Bug Still a Major Risk

Last December, we discussed the recently disclosed Log4j vulnerability – a severe exploit that resided within the Java programming language.  It was described at the time as perhaps the most serious vulnerability seen by the U.S. Cybersecurity and Infrastructure Security Agency, due to the countless applications that used the Log4j code.  Some even went so… Read More

Wedding planners and medical device security

Sometimes, hackers don’t need to literally breach a company’s systems in order to do damage.  In the case of Zola, a wedding planning startup, all the hackers needed was access to user accounts to steal funds or charge thousands of dollars to their credit cards (which is still considered a data breach).  Existing accounts that… Read More

Managing talent shortages in data security

Prior to the pandemic, the IT field was already experiencing a shortage of cybersecurity skills and struggling to fill in the gaps.  The evolving patterns of remote work, along with the sophistication of cyber criminals, have only exacerbated the challenges.  Trust issues can arise for organizations bringing freelancers aboard, outsiders who will be handling sensitive… Read More

Bolstering cyber defenses to deal with evolving threats

Cyber criminals continue to get more sophisticated in their attacks.  We have alluded to this before, but the cost of data breaches rises each year.  This is especially true for the healthcare industry, where a breach can incur a cost of over $6 million and counting.  Schools and government agencies have likewise found themselves targeted… Read More

Data security risks targeting all industries

The eSports market is one of the fastest growing among entertainment industries.  In 2019, worldwide revenues of virtual or in-person video game competitions, totaled $957.5 million, a number which is expected to exceed $1.6 billion by 2024.   Like any online medium, however, this still fledgling enterprise finds itself having to contend not just with cheating… Read More

Student data breaches and expanded guidelines for health information

Any company engaging in the sharing of personal health information (PHI) for advertising purposes may soon find itself subject to new Federal Trade Commission (FTC) rules.  New guidance extends previous controls to the formerly ambiguous domain of applications and devices that share health data.  Failure to comply looks to invite agency enforcement in the future…. Read More

Protecting Intellectual Property From Hackers

Last week saw a data breach announcement from Samsung, which the company publicly acknowledged and for which the hacking group Lapsus$ claimed responsibility.  Luckily for Samsung customers, this does not appear to have been a case of compromised user data.  Rather, the hackers posted that they had stolen 190 gigabytes of company source code for… Read More

Protecting Critical Services from Cybercriminals

Last year’s targeted attack against the Colonial Pipeline brought into sharper focus the risk utilities face from cyber crime.  Data has always been a valuable resource for those who possess it, now more so than ever; as breaches of critical utilities show, it can also be a weapon.  If a retailer’s online platform gets breached,… Read More

Cyber criminals adjusting their tactics to target data

Examination of law enforcement successes against ransomware agents in recent years reveals a resulting adjustment among cyber criminals.  Despite some important figures of criminal gangs being apprehended, many who remain have learned from the experience and are switching their focus to demanding higher ransoms in place of a wider attack net.  Rather than incur the… Read More