UnitedHealth Group (UHG) has confirmed that the February 2024 Change Healthcare data breach leaked the sensitive personal information of 100 million people, making it the worst healthcare leak in history.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Each of the fined companies learned that they had been breached during the SolarWinds hack in 2020 or 2021. Each was found by the SEC to have negligently minimized its cybersecurity disclosures in ways that could mislead investors, but all using somewhat different language.
The 2024 election season is facing an unprecedented challenge: AI-driven disinformation and cyberattacks. As AI’s influence grows, its ability to spread misinformation, create deepfakes, and target election systems becomes more dangerous.
Japanese electronics company Casio is still reeling from a ransomware attack that disrupted its systems, two weeks after the incident occurred and with no expected recovery timeline.
USDoD has a years-long history of data breaches, leaking the stolen information or offering it for sale on hacking forums. This has included some extremely damaging collections of information, the largest of which thus far has been the National Public Data breach.
A joint cybersecurity advisory warns of Iranian hackers using brute-force attacks to compromise critical infrastructure to obtain initial access for sale to other threat actors.
Fact-checking is a small but crucial part of an overarching culture of cybersecurity. The security team is not the only group that must live and breathe security; employees and business leaders must also do the same.
The Pokémon developer has confirmed that a data breach took place about two months ago and was the result of illegal access to the company's internal network, spilling internal secrets and some employee contact information.
A new report from Mandiant indicates that 70% of 2023's total of 138 exploited vulnerabilities were zero-days when first used, with the average time-to-exploit (TTE) dropping drastically from 32 days to just five.
Cisco has launched a data breach investigation and pulled its development portal offline after a hacker listed the company’s infrastructure information on a hacking forum.










