Sophos is warning that some of its customers may have had their data exposed to a misconfigured internal system, according to a published report. The security firm confirmed that a "small set" of customers was affected.
The Home Depot reached a $17.5 million settlement of a multistate lawsuit stemming from a 2014 data breach that compromised the payment card data of 40 million customers. The company will also implement new security procedures as part of the agreement.
The Manchester United football club of the U.K.'s Premier League is investigating a cybersecurity incident that has affected some of the organization's IT infrastructure, although it says it appears that fan and user data has not been exposed.
A U.S. unit of Italian-based eyewear maker and eye care center conglomerate Luxottica has reported a breach affecting over 829,000 individuals - the fourth largest health data breach added to the U.S. federal tally so far this year. It's unclear if a recent ransomware attack is related.
This edition of the ISMG Security Report features a discussion with Christopher Krebs, the recently fired director of the Cybersecurity Infrastructure Security Agency, on his accomplishments at the agency. Also featured are updates on ransomware gangs recruiting affiliates and healthcare supply chain risks.
European lawmakers are once again considering encryption policies and attempting to strike a balance between the privacy and security afforded by strong encryption and law enforcement's needs. But with encryption being a cornerstone of the internet, is there any new balance to be struck?
Japanese computer game company Capcom acknowledged this week that a November security incident was a Ragnar Locker ransomware attack that resulted in about 350,000 customer and company records, including sales and shareholder data, potentially being compromised.
Ticketmaster UK has been fined $1.7 million by Britain's privacy watchdog for its "serious failure" to comply with the EU's General Data Protection Regulation. Its failure to properly secure chatbot software led to attackers stealing at least 9.4 million payment card details.
An unauthorized person apparently gained access to a database of insurance software firm Vertafore and compromised the driver's license information of over 27 million Texans. Security analysts say a misconfigured database is the likely culprit.
Two senior U.S. Department of Homeland Security officials have been forced to resign, and a senior cybersecurity official fears he will be fired by the Trump administration, according to news reports. The moves have raised questions over U.S. stability during the transition period to President-elect Joe Biden.
Chat and collaboration software tools such as Slack are critical for software development teams. But a data breach experienced by Utah-based software developer WildWorks illustrates why developers should think twice before sharing sensitive database keys over chat.
Inadequate database and privileged account monitoring, incomplete multifactor authentication and insufficient use of encryption: Britain's privacy regulator has cited a raft of failures that contributed to the four-year breach of the Starwood guest reservation system discovered by Marriott in 2018.
When attackers have a 95% success rate, it's not a matter of if but when they are coming in the door. Why? The traditional product-centric security paradigm is contributing to the near record number of infrastructure compromises and data breaches. Today's distributed work environment requires modern cybersecurity that...
Today's threats are more sophisticated than ever and despite significant investment in prevention technologies many organizations continue to suffer damaging attacks. Join Dave Martin, Open Systems' Senior Director of Product Management- Threat Response as he share best practices model to minimize risk that combines...
California voters passed Proposition 24, the California Privacy Rights Act, on Nov. 3, which expands upon the recently activated California Consumer Privacy Act specifically when it comes to enforcement and how businesses handle personal data.