The new New York cybersecurity regulations require healthcare facilities to appoint a CISO, implement incident response plans, and to face new breach reporting requirements. They will also have access to a total of $500 million in new funding from the state.
Third party data breach of two relocation services providers may have exposed the passports, financial information and other personal information of Canadian government employees dating back to 1999.
Samsung has disclosed a year-long data breach impacting UK online store customers. The cybersecurity incident which took placed in July 2019 - June 2020 was only disclosed in November 2023.
While cybersecurity practitioners have uncovered many ways that the predictive technology can benefit security teams, threat actors have also been swift to adopt generative AI as the newest tool in their arsenals for launching sophisticated attacks.
New FCC rules will essentially force a new set of procedures and checks on the customer service employees that are targeted by the criminal hackers that engage in SIM swapping.
CISA has released a roadmap establishing four overarching broad goals, with five more specific lines of effort that appear to indicate concrete immediate priorities. Defensive AI cybersecurity measures and plans for critical infrastructure adoption are repeating themes.
Postmeds’ Truepill data breach impacted over 2.3 million individuals and is the subject of a class-action lawsuit alleging the digital pharmacy's negligence.
The McLaren Health Care data breach impacted nearly 2.2 million patient records. The company confirmed the intrusion and unauthorized data access occurred in July-August 2023 and was discovered in Oct 2023. The ALPHV/BlackCat ransomware group claimed responsibility for the apparent ransomware attack.
Denmark's energy infrastructure was bombarded by cyber attacks in May of this year. Report says 16 energy infrastructure companies were targeted and 11 were compromised immediately, the other five only apparently dodging a breach because the attackers were sloppy in their technique.
The ALPHV/BlackCat ransomware group has filed an SEC complaint directed at MeridianLink, noting that the data breach took place over a week prior, and claims that new SEC rules require the victim to disclose a material impact within four business days.