Data Breaches

Containment, Communication, and Remediation: The 3 Keys to a Breach Response

The number of U.S. data breaches reported in 2021 increased dramatically over the preceding year. As reported by the Identity Theft Resource Center (ITRC), there were 1,291 data breaches between January 1, 2021 and September 30, 2021. The volume beat out the 1,108 breaches detected over the course of Full Year (FY) 2020. It’s therefore not surprising that data compromises year-to-date (YTD) was up 27% last year compared to FY 2020.

Saudi Aramco data breach: A reminder to start monitoring RPIs

On June 23, 2021, threat actors reported that they had stolen a terabyte of data from Saudi Aramco, a state-owned oil company in Saudi Arabia. The threat actors released samples of data they had procured after redacting critical information. They also claimed to have detailed information on Aramco’s employees, such as their full names, photographs, passport scans, emails, phone numbers, residence permit (Iqama card) numbers, job titles, employee ID numbers, and family information.

Why You Need an Adversary-focused Approach to Stop Cloud Breaches

It should come as little surprise that when enterprise and IT leaders turned their attention to the cloud, so did attackers. Unfortunately, the security capabilities of enterprises have not always kept up with the threat landscape. Poor visibility, management challenges and misconfigurations combine with other security and compliance issues to make protecting cloud environments a complex endeavor.

A Look Back at the Top Data Breaches of 2021

This past year was a banner year for cybercriminals. By the end of September, the Identity Theft Resource Center (ITCR) reported that the number of breaches that had taken place over the first three quarters of 2021 had exceeded the total number of breaches in 2020.

Database Security: How Cloud DLP Can Help Protect Sensitive Data

Some of the most damaging data leaks have resulted from poor database security. In March 2020, 10.88 billion records were stolen from adult video streaming website CAM4’s cloud storage servers. In March 2018, 1.1 billion people were the victim of a breach of the world’s largest biometric database, Aadhaar. And, in April 2021, 533 million users had their information compromised when a Facebook database was leaked on the dark web for free.

Pfizer IP Leak Isn't Unique. Protect Your Cloud Data With Proactive Encryption.

The pharmaceutical company Pfizer recently acknowledged that thousands of internal documents were leaked, including trade secrets related to its COVID-19 vaccine. In a California lawsuit, Pfizer stated that a former employee had exfiltrated sensitive data to their personal cloud accounts and devices while they were still working there.

6 Network Authentication Methods to Prevent a Data Breach

Cybercriminals are continuously finding new ways to steal sensitive information. Having robust network security measures in place is now more important than ever — and network authentication is part of the solution. There are various authentication technologies available that can add an extra layer of protection to prevent security lapses, and each one offers a unique solution. This post will highlight the most common methods for network authentication and answer the following questions.

5 Steps to Ace the FFIEC Assessment

Financial institutions are a rich target for cybercriminals, who scoop up sensitive personal information that allows them to open fake accounts and fraudulent lines of credit. According to research from services firm Accenture and the Ponemon Institute, the average annualized cost of cybercrime to financial institutions exceeds $18 million.

Responsible disclosure: CodeCov CEO & CTO share learnings from the breach

In January of 2021, CodeCov suffered a supply chain attack that exposed client environment variables. In the following months, the specifics of the breach and its technical applications have been thoroughly examined by the application security community to determine what went wrong and how to combat similar attacks in the future. But another interesting outcome of the breach were the insights into a slightly less glamorous topic: responsible disclosure.