Data Breaches


'Glitch' in Illinois' PUA System Blamed for Exposing SSNs, Private Data

Government officials said that a glitch in the State of Illinois’ Pandemic Unemployment Assistance (PUA) program exposed thousands of people’s Social Security Numbers (SSNs) and other private data. Jordan Abudayyeh, a spokesperson for Illinois Governor J. B. Pritzer, sent a statement to WBEZ on May 16. In it, she revealed that the Illinois Department of Employment Security (IDES) had learned of a security incident involving its PUA program. As quoted by WBEZ.


Email, security, and breaches

Email-based attacks can take many forms, and are typically deployed by cybercriminals in order to extort ransom or leak sensitive data. Just recently, a banking Trojan named Trickbot targeted Italy, a hotspot for COVID-19 cases, with email spam campaigns. While the email subject line is in line with the daily concerns and talks about spread of the virus, the attachment was actually a malicious script.


5 Steps to Help Minimize the Risk of a Third-Party Data Breach

Over the past five years, data breaches caused by third-party vendors have continued to increase in severity and frequency. In fact, research found in the latest Ponemon Institute Data Risk in the Third-Party Ecosystem report claims that 59% of companies experienced a data breach caused by one of their third-party vendors. Minimizing your chances of a third-party data breach is a tall order since much of it is out of your direct control.


GoDaddy Data Breach Goes Undetected for 7 Months

The popular domain registry and web hosting company GoDaddy is in the headlines this week after the company reported that an unauthorized user accessed login information used by an undisclosed number of its 19 million customers. GoDaddy informed its customer base of the incident on May 4 in an email stating that on October 19, 2019, an unauthorized individual accessed the login credentials used to connect to SSH on the hosting site.

What to Expect When You're Expecting a Data Breach: End of Year Report from ZeroNorth

From security threats to compliance regulations to the unrelenting pace of business, staying conscious of cybersecurity risks in 2020 is shaping up to be a full-time job. Around this time of year, experts love to offer up their predictions about what's on the digital horizon and how we can best prepare ourselves for the inevitable future. Whether or not these apocalyptic cybersecurity situations come to fruition remains to be seen, but one thing's for sure-it will be a year to watch.

Monthly Data Breach Round-Up: April Edition

In the midst of all of the chaos caused by the coronavirus, cybercriminals are showing no signs of slowing down their attacks. Government agencies, research organizations, healthcare providers and retailers alike are all coming under attack. Learn about some of this month’s most notable data breaches and cyber attacks in our monthly Data Breach Round-Up article series, the April edition.


How to Prevent Third-Party Vendor Data Breaches

Third-party vendor data breaches are becoming an epidemic for organizations that themselves have solid information security programs. The Ponemon Institute has proven year over year in its survey that the cost of third-party data breaches increases with each survey. Many struggle with how exactly to hold third-party vendors accountable and enforce the same rigid standards and controls that they consume internally. The big question is: how do organizations prevent third-party vendor data breaches?


Auditing Cloud Administrator Behavior as a Matter of Data Breach Preparedness

New technologies often present interesting challenges for security teams, with cloud services such as AWS, Azure and GCP providing particularly novel cases in comparison to “classic” on-premise systems. As cloud services race to add new features that drive new customer interest and increase retention of existing clients, there is a very real risk of exposing new threat vectors to the business if even the most minor of misconfigurations occurs.