Articles tagged "Data Breach"

Found 547 articles

Cameron Nicholas Curry, a tech worker from North Carolina, was found guilty of conducting an insider attack that resulted in the theft of sensitive corporate data from a Washington D.C.-based technology company. As his six-month contract was ending, Curry reportedly stole data and demanded a ransom of $2.5 million. This incident raises significant concerns about insider threats, where employees exploit their access to company information for personal gain. Companies need to be vigilant about monitoring employee activities, especially as contracts come to a close, to prevent similar attacks in the future. The case serves as a reminder of the potential risks posed by trusted employees and the importance of cybersecurity measures in protecting sensitive information.

Read Original

Bitrefill, a cryptocurrency e-commerce platform, has reported a cyberattack attributed to the North Korean hacking group Lazarus Group. This incident, which occurred earlier this month, resulted in the theft of 18,500 purchase records from Bitrefill's infrastructure. The stolen data could potentially expose users' transaction histories and personal information, raising significant privacy concerns. The involvement of Lazarus Group highlights the ongoing threat posed by state-sponsored cybercriminals, particularly in the cryptocurrency sector. As cryptocurrency transactions often lack the same protections as traditional financial systems, users need to remain vigilant and consider the security of platforms they use.

Read Original

Aura, a digital security company, has reported a data breach linked to a voice phishing attack that compromised customer information. The exposed data originated from a marketing tool that Aura acquired in 2021. While specific details about the type of data exposed have not been disclosed, the incident raises concerns about the safety of customer data and the potential for further exploitation by cybercriminals. Users affected by this breach should be vigilant for phishing attempts and other suspicious activities. This incident highlights the ongoing risks associated with third-party tools and the importance of robust security measures for customer data protection.

Read Original

Navia Benefit Solutions, Inc. has reported a significant data breach affecting approximately 2.7 million individuals. The breach resulted in the exposure of sensitive personal information, although specific details about the type of data compromised have not been disclosed. This incident raises concerns about the security measures in place at Navia and the potential risks faced by those whose data was exposed. Affected individuals could be at risk of identity theft and other malicious activities as attackers may exploit this information. Companies handling sensitive data need to prioritize stronger security protocols to prevent similar incidents in the future.

Read Original

The Marquis data breach has affected approximately 672,000 individuals, a significant reduction from earlier estimates that suggested over 1.6 million might be impacted. This breach raises concerns over the security of personal information, as affected individuals may have had their data exposed. The specifics of what data was compromised have not been detailed, but such incidents can lead to identity theft and other forms of fraud. Organizations must take this breach seriously and assess their own data protection measures to prevent similar incidents in the future. The incident serves as a reminder of the vulnerabilities that exist in handling personal data.

Read Original

Aura, a cybersecurity firm, has reported a data breach that affects approximately 900,000 records. The breach occurred after an employee was targeted in a phone phishing attack, which allowed attackers to steal information from a marketing tool used by the company. This incident raises concerns about the effectiveness of employee training in recognizing phishing attempts and the security measures in place for sensitive data. Users whose information may have been compromised should remain vigilant about potential follow-up phishing attempts or identity theft. The breach serves as a reminder for organizations to continuously update their security protocols and educate employees about the risks of social engineering attacks.

Read Original

The Cybersecurity and Infrastructure Security Agency (CISA) is advising U.S. organizations to take immediate steps to secure their Microsoft Intune systems. This warning comes after a cyberattack targeted Stryker, a major medical technology company, exploiting vulnerabilities in the Intune endpoint management tool. The breach led to significant disruptions in Stryker's operations, raising concerns about the security of similar systems across various organizations. CISA recommends that users follow Microsoft's security guidance to bolster their defenses against potential attacks. This incident highlights the need for vigilance in managing endpoint systems, particularly in sectors that handle sensitive data.

Read Original

The University of Mississippi Medical Center and Passaic County in New Jersey have recently fallen victim to attacks from a ransomware group known as Medusa, which is believed to operate from Russia. This ransomware-as-a-service operation has claimed responsibility for the incidents, raising concerns about the security of healthcare and local government systems. The attacks can disrupt critical services and compromise sensitive data, which is particularly alarming in the healthcare sector where patient information is at stake. As ransomware attacks become increasingly common, organizations must prioritize their cybersecurity measures to protect against such threats and ensure they can continue to serve their communities effectively.

Read Original

Marquis, a financial services provider based in Texas, recently reported that a ransomware attack in August 2025 compromised the personal data of over 672,000 individuals. The breach also had significant operational impacts, affecting 74 banks across the United States. The stolen data may include sensitive information, raising concerns about identity theft and privacy for those affected. This incident highlights the vulnerabilities in the financial sector and the ongoing threat posed by ransomware groups. Organizations in this space need to enhance their cybersecurity measures to protect both their operations and customer data.

Read Original

A recent report by SailPoint, which surveyed 333 IT decision-makers in the UK, reveals a significant security risk for businesses: 77% of organizations do not deactivate accounts of former employees in a timely manner. This oversight can leave sensitive data vulnerable to unauthorized access, as ex-employees may still have the ability to access company systems. The failure to manage identity security effectively could result in data breaches, potentially exposing businesses to severe financial and reputational damage. Companies must prioritize timely account deactivation protocols to protect their data and maintain compliance with data protection regulations. This situation is particularly concerning as it highlights a widespread issue that could affect numerous organizations across various sectors.

Read Original

On March 13, the WebFiling service of Companies House was taken offline after a security issue was discovered that exposed sensitive data of company directors. This incident raises concerns about the privacy and security of personal information for those listed as directors, as it could potentially be misused by malicious actors. Companies House, which is responsible for registering company information in the UK, has not provided detailed information about the nature of the data that was exposed or how many individuals were affected. The downtime of the service indicates a proactive measure to prevent further unauthorized access. This situation emphasizes the importance of maintaining secure systems, especially when handling sensitive personal data.

Read Original

Intuitive has reported a data breach resulting from a phishing attack that compromised sensitive information. The stolen data includes customer business and contact details, as well as employee and corporate data. This breach could potentially expose affected individuals and businesses to identity theft and fraud. Phishing attacks are a common tactic used by cybercriminals to gain unauthorized access to systems, making this incident a reminder of the constant need for vigilance in cybersecurity practices. Organizations are encouraged to review their security protocols and educate employees about recognizing phishing attempts to mitigate future risks.

Read Original
Actively Exploited

In the latter half of 2025, there was a significant rise in credential theft incidents, primarily driven by advancements in infostealer malware and AI-powered social engineering tactics. Attackers are increasingly logging into accounts rather than using traditional methods to break in. This trend affects not only individual users but also organizations that store sensitive data, making them more vulnerable to breaches. The use of sophisticated malware makes it easier for cybercriminals to harvest login credentials, which can lead to unauthorized access and data theft. Companies and users alike need to be vigilant and implement stronger security measures to protect against these evolving threats.

Read Original

The UK Companies House has acknowledged a security vulnerability that potentially exposed sensitive details of millions of businesses. This flaw could allow unauthorized individuals to access company information and modify official records. The agency has confirmed that the issue could have serious implications for the integrity of business data in the UK, raising concerns about identity theft and fraud. As Companies House holds critical information about registered companies, this exposure poses a significant risk to both businesses and consumers. Authorities are urging companies to remain vigilant and review their security practices in light of this breach.

Read Original

Intuitive Surgical, known for its robotic surgical systems, has disclosed a cyberattack that compromised some of its internal business applications. The breach occurred after an employee was targeted by a phishing attack, allowing unauthorized access to the company's systems. While the specific data accessed has not been detailed, this incident raises concerns about the security of sensitive information within the healthcare sector. As a leading provider of robotic surgery solutions, any disruption or potential data compromise could impact patient care and trust in their technologies. The company is likely reviewing its security protocols to prevent future incidents.

Read Original
PreviousPage 19 of 37Next