
July 2019

Capital One Hit by Massive Data Breach

Capital One, one of the nation's leading credit card issuers, is the latest enterprise to be hit by a massive data breach, claiming that over 100 million people had their personal information stolen by a hacker. The hacker, Paige A. Thompson, who goes by the online handle "erratic", allegedly obtained access to Capital One data stored on Amazon's cloud computing platform, Amazon Web Services, in March 2019, and subsequently downloaded the data and stored it on her own servers.

23 Million Stolen Debit and Credit Cards Found on the Dark Web

Researchers at Sixgill recently discovered more than 23 million stolen debit and credit cards for sale on the dark web. The majority of stolen cards found on the site, more than 15 million, were issued in the US, making up almost two out of every three cards. The UK was the second hardest hit. The researchers noted that only 316 stolen cards were Russian issued, claiming this is due to the relatively low GDP of the country that makes Russian citizens less attractive targets.

LA Governor Declares State of Emergency After School Districts Suffer Cyber Attacks

Louisiana Governor John Bel Edwards declared a statewide cybersecurity emergency yesterday in response to an ongoing malware attack that struck three public school districts in Northern Louisiana. Gov. Edwards issued a declaration on the matter, claiming, "there have been severe intentional cybersecurity breaches in the Sabine, Morehouse, and City of Monroe school systems that may potentially compromise other public and private entities throughout the State of Louisiana."

IBM's Annual Cost of a Data Breach Report Released

New research from IBM has found that the average global cost of a data breach has increased again, claiming the financial burden can be felt for several years after the incident. IBM's Cost of a Data Breach study found that the cost of a data breach has risen from $3.86 million to $3.92 million over the past year. This figure is also 12% higher than that found just five years ago. In the United States, this figure is more than double - with the cost of a breach at $8.19 million.

More Healthcare Firms Impacted by AMCA Breach

More healthcare organizations across the United States are coming forward and informing customers that they've been impacted by the data breach suffered by the American Medical Collection Agency (AMCA). Those organizations who have come forward have all used the same press release template to notify customers. The only difference in the notice is the number of impacted customers and contact information for customers to call for more details.

$700 Million Settlement Reached in 2017 Equifax Data Breach

Equifax has agreed to pay up to $700 million to state and federal regulators following the 2017 data breach that exposed the personal information of almost 150 million people. The Federal Trade Commission (FTC) announced today that the credit reporting agency will pay at least $300 million and up to $425 million to compensate affected victims with credit monitoring services.

California State Auditor Finds Flaws in Government IT Systems

California's state auditor is calling for additional oversight and regular assessments after finding weaknesses in the information security of some California state offices. State auditor Elaine Howle recently released a report, "Gaps in Oversight Contribute to Weaknesses in the State's Information Security," and found that the personal information of California residents may not be secure due to flaws in the government's IT systems.

Research Finds Almost 20% of Orgs Still Running Windows 7

Support for Microsoft's 10-year-old operating system, Windows 7, will officially end in six months, yet research shows 18% of larger enterprises still have not migrated to Windows 10. At the beginning of the year, researchers found that 43% of organizations were still running Windows 7, 17% of which had no clue when the official end of life date was for the operating system.

NNT & BMC Delivering Automated Intelligent IT Service Management

NNT’s intelligent integration module seamlessly integrates with BMC’s security and ITSM products to effectively mitigate security risks and service downtime and availability. The collaboration of products enables your teams to prioritize and remediate critical vulnerabilities, and systematically address compliance violations whilst improving operational integrity, security and compliance.

Beware of Phishing Scams during Amazon Prime Day

Amazon Prime Day is in full effect and so are hackers working on elaborate phishing scams targeting Amazon shoppers. Amazon announced that over one million items will be discounted on July 15 and 16, leaving bargain shoppers racing to buy. But while shoppers are busy searching for the best deals on this Prime Day, malicious actors are looking to scam. McAfee reported a popular phishing kit, 16Shop, recently shifted its attention to Amazon.

ICO Issues Huge Fines to British Airways, Marriott

The UK's Information Commissioner's Office (ICO) revealed plans this week to fine British Airways and Marriott Hotels as a result of data breaches that hit the organizations in 2018. On Monday, the ICO said it plans to fine British Airways a record-breaking $229.34 million for the breach suffered in September 2018. In the attack, hackers were able to divert user traffic to a bogus site, stealing personal data from over 500,000 customers.

US Coast Guard Reveals Large Vessel Suffered a Cyber Attack

On Monday, July 8, the Coast Guard issued a Marine Safety Alert claiming a vessel was struck by malware back in February. The craft is described as a 'deep draft' vessel on an international voyage which was struck by a "significant cyber attack" on its way to the Port of New York and New Jersey. Fortunately, the crew avoided losing total control of the ship.

SMBs Lack the Resources, Technology, and Visibility Needed to Protect Organizations

A new report has found that despite the growing adoption of advanced cyber security tools, SMBs are still vulnerable to long-lasting security breaches compared to enterprise organizations. The report released by Infocyte claims SMBs are more vulnerable due to the lack of IT staff needed to detect and respond to security threats.

Magecart Attack Hits 960 e-Commerce Stores

Security researchers have discovered an automated Magecart digital skimming campaign that compromised over 960 e-commerce stores in less than 24 hours. Sanguine Security Labs found that the widespread Magecart campaign breached almost 962 e-commerce stores, exposing customers' payment details, including full credit card data, names, phone numbers, and billing addresses.

Financial Sector Facing Record Number of Cyber Attacks

Financial services companies in the UK reported over 819 cyber incidents to the Financial Conduct Authority in 2018, a stark increase compared to just 69 reported the previous year. Retail banks were hit the hardest (486), representing almost 60% of the total reported attacks, followed by wholesale financial markets, which reported 115 incidents, and retail investment firms, which reported 53 incidents.