Ignoring a breach disclosure can have ugly consequences. Case in point: Lumin PDF, a PDF editing tool, which saw data for much of its user base - about 24.3 million - published in an online forum late Monday. Data breach expert Troy Hunt says it's sign of the dysfunction in the breach disclosure process.
Paige A. Thompson, who prosecutors allege hacked into Capital One's network to access millions of credit card applications, has pleaded not guilty to federal computer crime charges. Her tentative trial date is Nov. 4.
Facebook has confirmed that unprotected databases containing more than 419 million users' phone numbers contained data scraped from the social network. TechCrunch, which first reported on the development, says many of the exposed phone numbers can be tied to Facebook IDs and remain accurate.
Nation-state actors, cybercriminals, hacktivists - each of these adversaries poses threats to enterprises. But how can organizations prioritize the threats and respond based on business risks? Craig Harber of Fidelis Cybersecurity discusses advanced threats and how to raise the bar on response.
Bulgaria's Personal Data Protection Commission has fined the nation's tax agency $2.9 million for failing to stop a breach that leaked tax records for nearly all of the country's citizens. Meanwhile, prosecutors have filed related criminal charges against employees of a penetration testing company.
A federal grand jury indictment of Seattle software engineer Paige A. Thompson charges her with stealing 100 million records from Capital One, stealing data from at least 29 other organizations, as well as using hacked cloud computing servers to mine for cryptocurrency.
Security firm Imperva is notifying some of its Cloud Web Application Firewall customers about a "security incident" that exposed certain data, CEO Chris Hylen reports in a blog post. What risks does the exposure create?
Web hosting company Hostinger has reset all customer passwords after one of its databases was breached, affecting 14 million accounts. The intruder gained access to an authorization token that allowed access to a customer database, the company says.
State officials in Texas say that at least 23 local government entities have fallen victim to a coordinated ransomware attack unleashed on Friday morning. Security experts say attackers continue to pummel local governments, and illicit profits have been rising.
This edition of the ISMG Security Report discusses the latest improvements in deception technology and how best to apply it. Also featured: a report on the growth of mobile fraud, plus insights on Merck's experience recovering from a NotPetya attack.
Paige A. Thompson, who's been arrested on a charge of hacking into Capital One's network and taking the personal and financial data of 106 million individuals, is also suspected of stealing information from over 30 other organizations, according to new court documents.
Choice Hotels says about 700,000 guest records were exposed after one of its vendors copied data from its systems. Fraudsters discovered the unsecured database and tried to hold the hotel chain to ransom, which it ignored.
The U.S. Securities and Exchange Commission is investigating the exposure of personal and mortgage-related records from First American Financial Corp., according to security blogger Brian Krebs. First American spent $1.7 million on the incident in its second quarter, but investigations and lawsuits are looming.