The popular domain registry and web hosting company GoDaddy is in the headlines this week after the company reported that an unauthorized user accessed login information used by an undisclosed number of its 19 million customers. GoDaddy informed its customer base of the incident on May 4 in an email stating that on October 19, 2019, an unauthorized individual accessed the login credentials used to connect to SSH on the hosting site.

In the midst of all of the chaos caused by the coronavirus, cybercriminals are showing no signs of slowing down their attacks. Government agencies, research organizations, healthcare providers and retailers alike are all coming under attack. Learn about some of this month’s most notable data breaches and cyber attacks in our monthly Data Breach Round-Up article series, the April edition.

Third-party vendor data breaches are becoming an epidemic for organizations that themselves have solid information security programs. The Ponemon Institute has proven year over year in its survey that the cost of third-party data breaches increases with each survey. Many struggle with how exactly to hold third-party vendors accountable and enforce the same rigid standards and controls that they consume internally. The big question is: how do organizations prevent third-party vendor data breaches?

New technologies often present interesting challenges for security teams, with cloud services such as AWS, Azure and GCP providing particularly novel cases in comparison to “classic” on-premise systems. As cloud services race to add new features that drive new customer interest and increase retention of existing clients, there is a very real risk of exposing new threat vectors to the business if even the most minor of misconfigurations occurs.

Last year was a disaster in terms of the number of data breaches. A study produced by the nonprofit Identity Theft Resource Center rounded up 1,473 reported data breaches by the end of 2019 – a staggering 17% more than 2018. While the analysis notes that the actual number of data exposed were considerably less than 2018, it’s still proof of the increasing insecurity of deployed IT systems.

There are several types of data or information that can be leaked during a data breach. This include: Though hackers are fast and sophisticated in their operations, nevertheless, some best practices and efficient security tools can help organizations and individuals contain this problem. Here is some help.

In the age of the digital world, cyber threats and vulnerabilities have gained the attention of security leaders as well as countries across the globe. The issue of cyber warfare is no longer limited to organizations. Rather, even state-sponsored cyber-attacks are being organized and launched against enemy states.

Over 10 million people who have stayed at MGM Resorts hotels – including Twitter boss Jack Dorsey and pop idol Justin Bieber – have had their personal details posted online by hackers. The security breach, publicised by ZDNet and security researcher Under the Breach, saw the records of 10,683,188 former guests – including names, postal addresses, phone numbers, dates of birth, and email addresses – made available in an online data dump.

According to CyberMDX, medical devices pose a serious threat to healthcare organizations (HCOs) and are twice as likely as general network devices to be vulnerable to Bluekeep. The 2020 Healthcare Security Vision Report found that thirty percent of US healthcare organizations have experienced a cyber-attack over the last 12 months. These breaches reportedly cost an average of $6.45 million - a figure sixty-five percent higher than that of the cross-industry average.

Hackers are selling the payment card details of more than 30 million Americans and over 1 million foreigners on Joker's Stash, the internets largest payment card forum. This card dump which occurred on Monday was advertised as "BIGBADABOOM-III", but Gemini Advisory found that the card details traced back to Wawa, an East Coast convenience store chain.