A Texas-based physical and occupational therapy provider is notifying nearly 4 million patients that they have joined the soaring tally of victims of a data theft incident at a Nevada medical transcription vendor last year. The supply chain hack appears to have affected at least 14 million people.
Supply chain attacks and zero-day exploits surged in 2023, helping to set yet another record for data breaches tracked by the Identity Theft Resource Center. James E. Lee, COO of the group, explained why the number of compromises grew so dramatically - from 1,801 incidents in 2022 to 3,205 in 2023.
Does a day ever go by without a fresh set of data breach notifications? Some organizations' breach notifications at least signal respect for the recipient. But others play it shadier, by resorting to marketing spin, minimizing the blame, and in some cases, even indulging in corporate cheerleading.
Fallout is mounting, and new developments are emerging in several high-profile health data hacks. Data breaches reported in recent weeks and months at a medical transcription vendor, a hospital chain and a law firm are affecting a growing list of clients and individuals - and triggering lawsuits.
Australian travel company Inspiring Vacations is investigating a misconfigured cloud database that exposed passport details and the personal information of tens of thousands of travelers. Cybersecurity researcher Jeremiah Fowler said the database leaked 112,000 passport scans and identity documents.
This week, hackers took over Mandiant's X account, authorities charged a Nigerian hacker with stealing $7.5 million from charities, the DOJ fined XCast $10 million for illegal robocalls, and attackers exploited an SMTP smuggling flaw in a phishing email campaign.
A defunct ambulance company is notifying nearly 912,000 patients and employees that their archived records were compromised in an early 2023 data theft hack. The firm previously provided emergency care in the Boston region and administrative services to affiliated transportation companies.
The count of known U.S. organizations that fell victim to ransomware last year - whether or not they paid a ransom - surged from 220 to 321, and hospital systems, K-12 school districts and post-secondary schools were especially affected, researchers report.
Brisbane-based retail group Eagers Automotive is investigating a cyberattack that disrupted parts of its regional operations and compromised the personal information of some of its customers. Eagers said Tuesday it doesn't know the full extent of the hack, but it has started notifying customers.
Hackers celebrated the year-end holidays with a malicious "Free Leaksmas" posting on the dark web, releasing 50 million stolen consumer records, including credit card information. Researchers said the leaked data can be used for identity theft and fraud.
This week, a breach at real estate firm Wealth Network exposed 1.5 billion records, Corewell Health patients were hit by a second breach, data of 1.3M LoanCare mortgage customers was exposed, and Yakult Australia admitted to experiencing a "cybersecurity incident" that exposed 95 gigabytes of data.
Comcast says attackers stole personal information pertaining to 35.9 million customers of its Xfinity-branded TV, internet and home telephone services in an October attack that targeted a vulnerability - dubbed Citrix Bleed - present in NetScaler and Citrix networking equipment.
China's industrial and information technology ministry unveiled plans to classify data security incidents based on severity and the extent of damage to victims. It proposes color-coding incident types to help regulatory agencies respond appropriately to specific events faster.
Singapore's cybersecurity agency is asking for public comments on a proposed list of amendments to the country's Cybersecurity Act to enhance its ability to monitor supply chain security and digital technologies that fall outside the definition of critical information infrastructure.
The FCC approved new guidelines that note how data breaches "have only grown in frequency and severity" since the commission adopted its privacy protection policies 16 years ago. The new rules aim to provide customers and law enforcement with real-time information about critical security incidents.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.