Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

26 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 26 Filtered view

Investigators Found Months of Unchecked Database Scraping ActivitySouth Korea's privacy regulator fined Coupang a record 624.7 billion won after concluding that weak authentication controls, insider access abuse, evidence destruction and unauthorized data collection contributed to the exposure of personal information belonging to 33.7 million people.

New HHS Enforcement Program Focuses on Patient Confidentiality, Aligning With HIPAAThe U.S. Department of Health and Human Services has launched a new breach reporting website and guidance materials to support its duties of enforcing compliance mandates that went into effect Monday to better align the confidentiality of substance use disorder records with the HIPAA privacy rule.

Also, Venezuela Cyberattack, Endesa Confirms Breach and Telegram IP LeakThis week, a software flaw caused the Verizon outage. U.S. cyberattack in Venezuela. ICE identities published online. BreachForums users leaked. Spanish energy provider Endesa data breach. Telegram privacy risk. A MuddyWater upgrade. Dutch man sentenced for hacking a maritime port. A ServiceNow patch.

How UX Decisions Are Becoming Regulatory Liabilities for CISOsChildren's data is entering a new regulatory era where dark patterns, defaults and monetization choices can signal breached fiduciary duty. As privacy, safety and consumer laws converge globally, CISOs must treat manipulative UX, consent flows and retention practices as core security and governance risks.

Bank Info Security 6 months, 1 week ago

Illinois Notifies 700,000 of Misconfiguration Breach

Mapping Platform Exposed Addresses and Medical Assistance PlansThe Illinois Department of Human Services is notifying more than 700,000 individuals of a breach involving "incorrect privacy settings" left in place for several year that exposed online data pertaining to Medicare, Medicaid and rehabilitation services recipients.

Australian Clinical Labs Ordered to Pay $3.8 Million Over Pathology Unit Data TheftAn Australian court has fined a medical lab $5.8 million for cybersecurity failures leading up to - and following - a 2022 cyberattack that affected 223,000 patients. The penalty marked the first time Australia has levied a civil monetary fine for violations of its Privacy Act of 1988.

Bank Info Security 9 months, 1 week ago

Australia Levies First-Ever Privacy Act Fine in Lab Breach

Australian Clinical Labs Ordered to Pay $5.8M in Data Theft at Medlab Pathology UnitAn Australian court has fined a medical lab $5.8 million for cybersecurity failures leading up to - and following - a 2022 cyberattack that affected 223,000 patients. The penalty marked the first time Australia has levied a civil monetary fine for violations of its Privacy Act of 1988.

Bank Info Security 9 months, 1 week ago

Discord Vendor Hack Exposes ID Data in Ransom Bid

Proliferating Age Verification Systems a Hacker TargetA vendor breach linked to Discord exposed government ID uploads used in age verification, raising alarms among privacy experts who warn that third-party data collection systems are becoming high-value targets amid rising legislative mandates for online age checks.

Bank Info Security 9 months, 4 weeks ago

Breach Roundup: Microsoft, Cloudflare Dismantle RaccoonO365

Also, Colt Services Outage Persists, Finland Charges Americans in Vastaamo HackThis week, Microsoft hit RaccoonO365, Colt Technology Services, Finland charged a U.S. citizen in Vastaamo hack. RevengeHotels hackers used AI, Meta can't overturn a privacy case verdict. Chinese hackers unleashed spear phishing emails. Prosper confirmed a data breach, as did Kering fashion houses.

Bank Info Security 10 months, 1 week ago

Breach Roundup: Scattered Lapsus$ Hunters Behind Jaguar Hack

Also, Disney Pays $10M to Settle Child Privacy Case, Spain Scraps Huawei DealThis week, Jaguar hack, Disney settled a child privacy case, Texas sued PowerSchool and federal prosecutors sued a toy maker. Spain voided a Huawei contract, Pennsylvania AG confirmed a ransomware attack. U.S. immigration enforcement resumed a spyware contract and Baltimore lost $1.5 million to BEC.

Bank Info Security 11 months, 1 week ago

Australian Privacy Regulator Sues Optus Over 2022 Hack

Telecom May Face Up to $2.22 Million Per Violation in FinesThe Australian privacy watchdog sued Optus, saying the country's second largest telecom failed for years to protect sensitive customer data breached during a September 2022 incident affecting nearly 10 million people. The regulator said Optus faces a potential fine of up to AU$21.9 trillion.

Also: Medicare Data Breach; Gartner Security & Risk Management Summit TakeawaysIn this week's update, ISMG editors discussed Iran-linked hackers claiming to steal emails from Trump's inner circle, how to refine application development in the age of AI, and a U.S. Medicare data breach amplifying concerns over the safety, security and privacy of federal health systems.

Also: Dismantling a 460 Million Euro Crypto Fraud NetworkThis week, a peek into Iran's largest crypto exchange blending privacy, scale and sanctions evasion, Europol and Spanish police dismantled a crypto fraud network, $9.5M Resupply hack, sentencing in a $40M ponzi scheme and a North Korean crypto theft and employment fraud ring.

At the Same Time, the Total Number of Breach Notifications to Consumers IncreasedThe total amount of annual fines imposed by European privacy regulators fell in 2024 for the first time since the EU's pioneering data protection law came into effect, even as the number of data breach notifications continued to increase, report legal privacy researchers.

Transfer of German Man's IP Address Wins Him 400 EurosEuropean privacy regulation - bane of American technology companies and a favorite cudgel of activists - came to haunt no less an organization than the European Commission, which must pay 400 euros to aggrieved German national Thomas Bindl, peeved that Facebook obtained his IP address.

Bank Info Security 1 year, 7 months ago

Breach Roundup: Microsoft Tries Again With Windows Recall

Also: Africa Busts Cybercrime Suspects; Many Smart Devices Lack Update TransparencyThis week, Microsoft previews its latest attempt to introduce AI-enabled Windows Recall - now with added privacy features; over 1,000 cybercrime suspects busted in Africa; regulators report "smart" device update promises often missing; and Florida IT professional caught spying for China.

Bank Info Security 1 year, 8 months ago

Regulator's Call to Breached Organizations: 'Be Human'

Breaches Often Have Harmful, Under-Acknowledged 'Ripple Effect' on Victims' LivesToo many breached organizations fail to acknowledge the detrimental impact their mishandling of people's personal data can have on affected individuals, and to treat victims with the "empathy" they deserve, said the U.K.'s privacy watchdog, the Information Commissioner's Office.

Bank Info Security 2 years, 1 month ago

Privacy Regulators Probe Impact of 23andMe's Mega-Breach

6.9 Million Individuals' Genetic Details Stolen via 2023 Credential-Stuffing AttackPrivacy regulators in the U.K. and Canada have launched a joint investigation into 23andMe following the direct-to-consumer genetic testing service suffering a massive data breach in October 2023 that led to the theft of 6.9 million individuals' ancestry details.

Bank Info Security 2 years, 1 month ago

ISMG Editors: UnitedHealth Group's HIPAA Breach Fallout

Also: The End of an Era at Mandiant and Privacy and Ethics Concerns Related to LLMsIn the latest weekly update, ISMG editors discussed the implications of Kevin Mandia stepping down as Mandiant CEO; UnitedHealth Group's responsibility for a massive HIPAA breach at its subsidiary, Change Healthcare; and privacy concerns over large language models.

Loading more headlines...