Data Breaches


How to Foil the 6 Stages of a Network Intrusion

The cost of a breach is on the rise. A recent report from IBM revealed that the average cost of a data breach had risen 12 percent over the past five years to $3.92 million per incident on average. Additionally, this publication uncovered that data breaches originating from malicious digital attacks were both the most common and the most expensive types of security incidents.


400 Million Facebook Users' Phone Numbers Exposed

The phone numbers associated with over 400 million Facebook accounts were exposed online in the latest privacy dilemma for the social media giant. TechCrunch reported on Wednesday that an exposed server storing 419 million records was found online - 133 million belonging to U.S. users, 50 million Vietnamese users, and 18 million U.K. users. This server was not protected with a password, meaning anyone could access the database up until late yesterday evening once the host took down the site.


Hundreds of millions of Facebook users' phone numbers found lying around on the internet

TechCrunch reports that a security researcher stumbled across an exposed server on the internet containing databases with a total of more than 419 million records related to Facebook users. According to TechCrunch’s reporting, each database record contains a user’s unique Facebook account ID (from which it’s possible to determine a user name) and phone numbers attached to the account.


Researcher Warns of Airlines Failing to Protect Customer Data

Many airlines allow passengers to view and make adjusts to flight details by using a unique identifier often called the booking reference, or passenger reference number, and the customers last name. Unfortunately, there are several airlines that have not implemented mechanisms that would prevent someone from obtaining the PNR through a brute force attack on an airlines' booking management system.


Hy-Vee Point-of-Sale Systems Suffers Security Breach

Hy-Vee experienced a hack that impacted some of its payment processing systems that are associated to transactions at various Hy-Vee fuel pumps and drive-thru coffee shops. Hy-Vee detected unusual and unauthorized activity on some of its PoS systems which caused them to hired a cybersecurity firm and immediately launched an investigation into the activities.


Data Breach: What Is a Data Breach and How to Prevent One

A data breach is a security incident where sensitive, protected confidential information is copied, transmitted, viewed, stolen or used by a person or persons with unauthorized access. Data breaches can involve financial information like credit card numbers or bank account details, personal health information (PHI), personally identifiable information (PII), trade secrets or intellectual property.


More than a million people have their biometric data exposed in massive security breach

A biometrics system used to secure more than 1.5 million locations around the world – including banks, police forces, and defence companies in the United States, UK, India, Japan, and the UAE – has suffered a major data breach, exposing a huge number of records. South Korean firm Suprema runs the web-based biometric access platform BioStar 2, but left the fingerprints and facial recognition data of more than one million people exposed on a publicly accessible database.


700K Guest Records Stolen in Choice Hotels Breach

Hospitality franchisor Choice Hotels, the parent organization of those franchise chains, has confirmed a breach in which attackers stole 700,000 guest records from a publicly available MongoDB database without a password or any authentication. The affected data includes full names, addresses, email addresses and telephone numbers. No credit cards, passwords or Social Security numbers were compromised. The database held 5.6 million records.


What the 2019 AWS Security Report Tells Us About Preventing a Cloud Data Breach

In the wake of the recent Capital One security breach in their cloud environment on AWS, the security community is taking another look at how we approach cloud security. CloudPassage recently shared guidance in our blog, “Capital One Data Breach: Non-Technical Tips To Not Be A Headline”. Here we take a look at how your industry peers are thinking about focusing on what matters by taking a look at the 2019 AWS Security Report.