The increasing number of third-party data breaches and the sensitive information they expose have negatively impacted consumer trust. Third-party breaches occur when sensitive data is stolen from a third-party vendor or when their systems are used to access and steal sensitive information stored on your systems. In today's interconnected economy, companies rely on third-parties.
Babylon Health, makers of a smartphone app that allows Brits to have consultations with NHS doctors, has admitted that a “software error” resulted in some users being able to access other patients’ private video chats with GPs.
What is Lateral Movement? Lateral movement refers to the techniques that a cyber-attacker uses, after gaining initial access, to move deeper into a network in search of sensitive data and other high-value assets. Lateral movement techniques are widely used in sophisticated cyber-attacks such as advanced persistent threats (APTs).
Data is rapidly becoming one of the most valuable assets in the modern world. The digital giants that monopolize data are arguably the most powerful companies in the world, prompting ongoing conversations about anti-trust legislation and digital privacy. Despite the overwhelming value controlled by these entities, as we'll see, even companies such as Facebook are vulnerable to the byproduct of the rapid move to digitization – the data breach epidemic.
Cybercriminals continue to take advantage of the global pandemic created by COVID-19 and are targeting government agencies and organizations via phishing emails and malware attacks. Learn about some of this month’s most notable data breaches and cyberattacks in our monthly Data Breach Round-Up article series, the May edition.
It’s DBIR season! Put down your pens, stop watching “The Last Dance” and get to reading the key findings of the 13th edition of the annual Verizon Data Breach Investigations Report!
British low-cost airline group easyJet revealed that an hacking incident had exposed approximately nine million customers’ information.
Government officials said that a glitch in the State of Illinois’ Pandemic Unemployment Assistance (PUA) program exposed thousands of people’s Social Security Numbers (SSNs) and other private data. Jordan Abudayyeh, a spokesperson for Illinois Governor J. B. Pritzer, sent a statement to WBEZ on May 16. In it, she revealed that the Illinois Department of Employment Security (IDES) had learned of a security incident involving its PUA program. As quoted by WBEZ.
Email-based attacks can take many forms, and are typically deployed by cybercriminals in order to extort ransom or leak sensitive data. Just recently, a banking Trojan named Trickbot targeted Italy, a hotspot for COVID-19 cases, with email spam campaigns. While the email subject line is in line with the daily concerns and talks about spread of the virus, the attachment was actually a malicious script.
Over the past five years, data breaches caused by third-party vendors have continued to increase in severity and frequency. In fact, research found in the latest Ponemon Institute Data Risk in the Third-Party Ecosystem report claims that 59% of companies experienced a data breach caused by one of their third-party vendors. Minimizing your chances of a third-party data breach is a tall order since much of it is out of your direct control.
