Security news aggregator

Latest coverage for Breach

Stay informed on the latest data breach incidents and security breaches. Protect your information with our up-to-date breach news and analysis.

20 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Breach means unauthorized access to a computer system or network that exposes or steals sensitive data like personal details, passwords, or proprietary information. Attackers often exploit software flaws, weak passwords, or social engineering to gain entry. Breaches can also result from insiders misusing access or accidental data exposure.

Understanding breaches is crucial because they reveal weaknesses in security controls and can lead to data theft or operational disruption. Effective defenses include promptly patching vulnerabilities, enforcing strong authentication, and segmenting networks to limit attacker movement. Detecting breaches quickly through monitoring and logging helps contain damage and guide targeted remediation efforts to secure affected systems and data.

Showing 20 most recent headlines Filtered view
Bank Info Security 2 years, 2 months ago

ISMG Editors: RSA Conference 2024 Preview

Also: Insights From Verizon's Data Breach Investigations Report; Investment TrendsIn the latest weekly update, ISMG editors discussed what the thousands of attendees at RSA Conference 2024 can expect this year, key insights from Verizon's Data Breach Investigations Report, and how significant funding rounds are shaping the cybersecurity industry.

Bank Info Security 2 years, 2 months ago

Breach Roundup: REvil Hacker Gets Nearly 14-Year Sentence

Also: Another Ivanti Zero-Day? And FBI Calls for Strengthening DMARC PoliciesThis week, REvil hacker sentenced; ZDI saw possible Ivanti-zero-day; FBI said to strengthen DMARC policies; Okta saw surge in credential stuffing attacks; French hospital refused to pay ransom; JPMorgan, debt collection agency and healthcare company were breached; and ex-NSA employee was sentenced.

Bank Info Security 2 years, 2 months ago

Managed Service Provider Denies Being Source of Breach

Health Analytics Firm Said Hackers Stole Data on 1 Million by Hacking MSP's NetworkWho's responsible for a breach that exposed personal information for 1.1 million individuals? While a Maine consultancy blamed the breach on a managed service provider's network getting hacked, the MSP said the network was entirely owned and operated by its now-former customer.

Bank Info Security 2 years, 2 months ago

Dropbox Sees Breach of Legally Binding E-Signature Service

All Dropbox Sign Users' Emails Stolen, Plus Some MFA and OAuth Tokens, API KeysDropbox said hackers breached its infrastructure and stole swaths of customer data for its legally binding electronic signature service, Dropbox Sign, including names, emails, hashed passwords and authentication tokens. The company has begun forcing password resets and API key rotation.

Bank Info Security 2 years, 2 months ago

Qantas Airways Says App Showed Customers Each Other's Data

Customers Report Seeing Each Other's Bookings, Inadvertent Flight CancellationsAustralian's Qantas Airways has confirmed suffering a data breach after its app began inadvertently exposing other customers' data to each other. While the airline said no financial data was exposed, customers reported seeing other people's details, as well as unexpected flight cancellations.

Bank Info Security 2 years, 2 months ago

Verizon Breach Report: Vulnerability Hacks Tripled in 2023

Data Breach Report Lead Author Alex Pinto Discusses Top Findings, Best PracticesVerizon's 17th annual 2024 Data Breach Investigations Report highlights a troubling trend: The exploitation of vulnerabilities in the wild has tripled, primarily due to ransomware actors targeting zero-day vulnerabilities, such as the MOVEit flaw that triggered numerous data theft incidents.

UnitedHealth confirms that Change Healthcare's network was breached by the BlackCat ransomware gang, who used stolen credentials to log into the company's Citrix remote access service, which did not have multi-factor authentication enabled. [...]