A breach of a third party vendor used by some airlines to process pilot job applications has exposed at least 8,700 records, according to data breach disclosures made by American and Southwest Airlines. The impacted airlines have said that they have cut ties with the third party vendor.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Snack giant Mondelēz International has suffered a third-party law firm data breach from its legal services provider, Bryan Cave Leighton Paisner LLP, leaking sensitive personal information of over 50,000 current and former employees.
Australia has been experiencing unusually serious problems with data breaches for nearly a year now. HWL Ebsworth, one of the country's most prominent law firms, appears to have had a huge amount of client information stolen by ALPHV/BlackCat.
BlackCat ransomware group has claimed responsibility for the Reddit hack and threatened to leak 80GB of information stolen during the Feb 2023 data breach and claims to have obtained damaging information capable of destroying the company’s reputation.
UPS Canada has disclosed an extended data breach from February 2022 to April 2023. Attackers were able to access customer shipping information that should have been private, and are believed to have used some of it in an SMS phishing campaign.
The Clop ransomware group may well be the next in law enforcement crosshairs, as the US Department of State has authorized a $10 million bounty on information about the group under its "Reward for Justice" program.
Oregon DMV and Louisiana OMV were impacted by the MOVEit cyber attack exposing sensitive information of virtually all the states’ ID and driver’s license holders.
A joint advisory detailing LockBit ransomware’s tactics and mitigations disclosed that the cybercrime gang extorted $91 million from US companies since 2020 after 1,700 attacks.
While SaaS increases business efficiency, it also represents a significant challenge for CISOs, who now have less direct control over their organizations’ data, including business information, proprietary information, and even employee data, that is now overwhelmingly in various SaaS systems.
In the face of evolving cyber threats, Scout is redefining external threat intelligence by offering expanded visibility and swift data acquisition. This empowers organizations to proactively manage threats, reducing the risk of system damage, reputational harm, and potential financial impact.










