RESOURCES

Recent Data Breaches in the News

Data breach affected 27.7 million Texas drivers, Colorado-based company says

November 13, 2020 | Statesman

A recent data breach at an insurance tech company exposed the information of about 27.7 million Texas drivers, the Colorado-based firm announced earlier this week.

How Ryuk Ransomware operators made $34 million from one victim

November 7, 2020 | Bleeping Computer

One hacker group that is targeting high-revenue companies with Ryuk ransomware received $34 million from one victim in exchange for the decryption key that unlocked their computers.

7,500 educational organizations hacked, access being sold on Russian hacker forums

November 5, 2020 | CyberNews

Network access to 7,500 organizations is being sold by a threat actor on multiple Russian hacker forums. According to the listings posted on October 3 and October 26, these mainly include educational organizations.

Badly configured RDP connections major entry point for Windows ransomware

November 5, 2020 | IT Wire

The use of improperly secured Remote Desktop Protocol connections on Windows machines has been found to be the biggest entry point for ransomware, according to a quarterly evaluation by Coveware, a company that is intimately involved in handling such attacks.

36 Bn Records Exposed in Data Breaches in 2020

November 2, 2020 | CISO Mag

A survey from Risk Based Security revealed that the number of records exposed in 2020 has increased to 36 billion globally. The survey “2020 Q3 Data Breach QuickView Report” stated that there were 2,953 publicly reported breaches in the first three quarters of 2020, a 51% decrease compared to the same period in 2019.

A massive hacking network that Microsoft and the US military tried to stop last month is already back — and it could be a bad sign for Election Day

November 2, 2020 | Business Insider

Last month, Microsoft announced it had won a major victory in the fight against cybercrime. The company said in mid-October that it had thwarted Trickbot — a stubborn malware network that's been used to infect critical computer systems, often shutting them down for ransom.

REvil ransomware gang hacked gaming firm Gaming Partners International

October 31, 2020 | Security Affairs

Gaming Partners International (GPI) is a full-service supplier of gaming furniture and equipment for casinos worldwide. The REvil ransomware gang (aka Sodinokibi) claims to have stolen info from the systems at the company before encrypting them.

U.S. Treasury Sanctions Russian Institute Linked to Triton Malware

October 26, 2020 | Security Week

The United States Department of the Treasury’s Office of Foreign Assets Control (OFAC) has announced sanctions against a Russian government institute connected to the destructive Triton malware.

Ransomware Takes Down Network of French IT Giant

October 23, 2020 | Threat Post

French IT giant Sopra Steria was hit with a cyber attack this week that disrupted the business of the firm and is widely believed to be the work of the threat actors behind Ryuk ransomware.

NSA publishes list of top vulnerabilities currently targeted by Chinese hackers

October 20, 2020 | ZDNet

The US National Security Agency has published today an in-depth report detailing the top 25 vulnerabilities that are currently being consistently scanned, targeted, and exploited by Chinese state-sponsored hacking groups.

800,000 SonicWall VPNs vulnerable to new remote code execution bug

October 16, 2020 | ZDNet

Almost 800,000 internet-accessible SonicWall VPN appliances will need to be updated and patched for a major new vulnerability that was disclosed on Wednesday.

New research shows risk in healthcare supply chain

October 16, 2020 | Help Net Security

Exposures and cybersecurity challenges can turn out to be costly, according to statistics from the US Department of Health and Human Services (HHS), 861 breaches of protected health information have been reported over the last 24 months.

Understanding Third-Party Risk

White Paper
56% of organizations have experienced a data breach due to a third party.