Australian data breach news & repercussions
In the wake of the nation’s major data breaches, Australian authorities have conducted investigations in conjunction with other agencies, like Interpol. Their findings lead them to the totally unremarkable conclusion that Russian hackers are behind this recent spate. Commissioner of the Australian Federal Police (AFP), Reece Kershaw, revealed that his team was aware of the… Read More
Penalties for data breaches surging
A data breach against Drizly LLC in 2020 exposed the personal data of around 2.5 million customers through a hacker accessing employee login information. Now, the Federal Trade Commission (FTC) has levied a proposed decision and order against both the firm and its CEO, James Cory Rellas, exacting stern measures. Demonstrating the severity of consequence… Read More
HELP WANTED: Data Security Experts
First it was telecoms like Optus and Telstra, then Medibank Private Ltd., to name a few major Australian firms hit by cybersecurity breaches. Now, another significant data breach has been disclosed – this time of a military communication platform called ForceNet. Fortunately, in this case it seems no data was compromised by the cyber attack… Read More
Ransomware targets education
Ransomware continues to be a thorn in the side of countless organizations and industries. The FBI has confirmed a rise in this trend, especially since 2019. One dark web listing in 2020 advertised 2,000 university credentials for sale. This year, the agency found further evidence for multiple cybercrime forums selling credentials and VPN access to… Read More
Australia’s seismic telecom breaches
The big data security story in the news these last few weeks is the hack of Optus, Australia’s second largest telecom firm. One unusual twist to the standard plot is the alleged hacker retracting their ransom demands and offering an actual apology for the incident. You don’t often see that. Perhaps the situation got too… Read More
Twitter and Twilio Breaches
Twitter has experienced elevated data security issues in recent years. The data of around 5.4 million anonymous user accounts was recently on sale on an underground forum for $30,000 between last June 2021 and January 2022. Ultimately, a lower price was negotiated by the buyers. Through the stolen data, the new owners could theoretically trace… Read More
Financial penalties for data breaches
Consequences abound, lately, for major companies across industries. Most recently, T-Mobile and Uber have had to face the music regarding their respective data breaches. In the latter, Uber has admitted to covering up its 2016 data breach in testimony to the Department of Justice (DOJ), reaching a deal with the agency to escape prosecution. The… Read More
Log4J Bug Still a Major Risk
Last December, we discussed the recently disclosed Log4j vulnerability – a severe exploit that resided within the Java programming language. It was described at the time as perhaps the most serious vulnerability seen by the U.S. Cybersecurity and Infrastructure Security Agency, due to the countless applications that used the Log4j code. Some even went so… Read More
Wedding planners and medical device security
Sometimes, hackers don’t need to literally breach a company’s systems in order to do damage. In the case of Zola, a wedding planning startup, all the hackers needed was access to user accounts to steal funds or charge thousands of dollars to their credit cards (which is still considered a data breach). Existing accounts that… Read More
Managing talent shortages in data security
Prior to the pandemic, the IT field was already experiencing a shortage of cybersecurity skills and struggling to fill in the gaps. The evolving patterns of remote work, along with the sophistication of cyber criminals, have only exacerbated the challenges. Trust issues can arise for organizations bringing freelancers aboard, outsiders who will be handling sensitive… Read More