Security news aggregator

Latest coverage for Fine

Stay informed on the latest in information security trends, breaches, and best practices with our expertly curated content on cyber safety.

113 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

A fine is a monetary penalty imposed by a competent authority or court for violating a law, regulation, or legally binding requirement. In information security and privacy, it may follow inadequate safeguards for personal data, unlawful processing, failure to meet required reporting or record-keeping duties, or non-compliance with sector-specific controls. The legal basis, maximum amount, and factors such as severity, duration, negligence, cooperation, and remediation vary by jurisdiction; a fine is generally punitive rather than compensation for affected parties.

For security practitioners, a fine signals that controls and security decisions may be examined as evidence of compliance. Maintain documented risk assessments, access reviews, patching decisions, supplier oversight, logging, and retention practices, especially where they protect regulated data. During an incident, preserve relevant records and establish an accurate timeline for containment, notification, and remediation. Privacy requirements such as data minimization and retention limits can therefore be security controls as well as legal obligations. A fine does not by itself establish that a particular attack or breach occurred.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 113 Filtered view

Investigators Found Months of Unchecked Database Scraping ActivitySouth Korea's privacy regulator fined Coupang a record 624.7 billion won after concluding that weak authentication controls, insider access abuse, evidence destruction and unauthorized data collection contributed to the exposure of personal information belonging to 33.7 million people.

Bank Info Security 1 month, 3 weeks ago

Liberty Mutual Sued Over Alleged Everest Group Data Theft

Incident Comes Months After NYS Fined Liberty Mutual $2M in Other HacksInsurance carrier Liberty Mutual is facing proposed class action litigation filed by policyholders who allege their sensitive information was compromised in an April data theft claimed by cybercrime gang Everest Group. The incident is the company's latest data security related troubles.

Bank Info Security 2 months, 1 week ago

NY Fines Delta Dental $2.25M Over 2023 MOVEit Hack

Investigators Find Violations of State Cyber RegulationsNew York fined Delta Dental $2.25 million for the company's response to the mass exploit of a zero-day vulnerability in Progress Software' MOVEit file transfer application. Delta Dental is one of thousands of organizations caught up in the blast radius of an automated 2023 Memorial Day hack.

Bank Info Security 2 months, 2 weeks ago

Cybersecurity Experts Unimpressed With CISA OT Guidance

Zero Trust Is 'Essential' - But Who Pays for It?New guidance from the U.S. Cybersecurity and Infrastructure Security Agency on adapting zero trust security principles for operational technology is fine as far as it goes, but is pretty high-level and ignores or fudges a couple of key questions, say executives and experts.

Bank Info Security 2 months, 3 weeks ago

Poor Risk Analysis Cost 4 Firms $1.7 Million in HIPAA Fines

HHS OCR Breach Investigators Again Find All-Too-Common Risk Analysis FailuresFaulty or non-existent security risk analyses cost a medical imaging provider, a women's healthcare group, a health plan and a third-party insurance administrator a collective $1.7 million in fines after federal regulators concluded they didn't do enough to prevent ransomware attacks.

Bank Info Security 2 months, 3 weeks ago

Setbacks Cost Healthcare Firms $1.7M in HIPAA Fines

HHS OCR Breach Investigators Again Find All-Too-Common Risk Analysis FailuresFaulty or non-existent security risk analyses cost a medical imaging provider, a women's healthcare group, a health plan and a third-party insurance administrator a collective $1.7 million in fines after federal regulators concluded they didn't do enough to prevent ransomware attacks.

Also: ZachXBT Uncovers DPRK Worker Scam, Hyperbridge Hack, Coinone FineThis week, Operation Atlantic disrupts $45M phishing fraud, ZachXBT uncovers DPRK crypto worker scheme, Hyperbridge exploit, South Korea fines Coinone $3.5M, Kraken faces extortion attempt over insider data leak and American musician loses $420K in fake Ledger app.

Bank Info Security 3 months, 2 weeks ago

State AG Sues Change Healthcare in 2024 Ransomware Attack

Iowa Seeking Civil Monetary Fines, Damages for Alleged ViolationsIowa's state attorney general is seeking financial damages, civil penalties and improvements to UnitedHealth Group's data security practices for alleged violations of state and federal laws and other claims involving the 2024 ransomware attack on its Change Healthcare unit.

Bank Info Security 5 months, 2 weeks ago

Ambulance Billing Firm Pays $515K Fine to 2 States in Hack

Comstar Paid Feds $75K Last Year to Settle HIPAA Allegations in Same 2022 BreachAn ambulance billing and collections firm has agreed to pay $515,000 to Massachusetts and Connecticut regulators and implement a prescriptive information security program in the aftermath of a 2022 hacking incident affecting the sensitive information of nearly 350,000 residents in those states.

Bank Info Security 5 months, 3 weeks ago

Breach Roundup: DOGE Uploaded Social Security Data to Cloud

Also, CIRO Phishing Breach, Ingram Micro Ransomware and CVE SurgeThis week, DOGE posted sensitive data on an outside server. A phishing attack affected 750,000 Canadians. A hacktivism warning from the U.K. NCSC. An Ingram Micro breach. CVEs surged in 2025. SK Telecom challenged a fine. Researchers disclosed Chainlit flaws. North Korean hackers abused VS Code.

Bank Info Security 5 months, 3 weeks ago

Breach Notifications in Europe Rise, While Fines Hold Steady

$1.4 Billion in Known Fines Levied in 2025, Despite Criticism From Outside EUThe volume of data breach notifications being issued to Europeans increased by one-fifth over the past year, while the total fines being imposed by data protection authorities held steady, adding up to 1.2 billion euros for the second year in a row, led by Ireland, says a global law firm.

Regulators Cite Sales of Sensitive Health, Demographic DataCalifornia state regulators fined a Texas company that buys and sells data for targeted marketing, including lists pertaining to health conditions of older adults, as part of a crackdown on data brokers. The firm is now banned from selling all Californians' personal information.

Bank Info Security 7 months ago

UK ICO Fines LastPass Over 2022 Data Breach

Password Manager Must Pay 1.2M PoundsThe British data regulator imposed a fine of 1.2 million pounds against password manager LastPass over a 2022 data breach that exposed the data of millions of its customers. Unidentified hackers stole backup data from LastPass's Amazon Web Services S3 bucket.

Bank Info Security 7 months, 3 weeks ago

Breach Roundup: Recently Patched Oracle Flaw Under Attack

Also: npm Packages Infiltrated, FBI Issues Fraud Alert, Campbell's Soup Cans CISOThis week, a recently fixed Oracle flaw is being actively exploited, Shelly tackled Pro 4PM DoS bug, "Shai-Hulud 2.0" hit npm, the FBI warned of rising bank account takeover scams, regulators fined Comcast over a vendor breach, Iberia reported a supplier incident and Campbell's canned its CISO.

Bank Info Security 7 months, 3 weeks ago

UK Parliamentary Committee Recommends Software Liability

Security by Design or Be Fined, Committee SuggestsA U.K. parliamentary committee is recommending a new statute forcing software publishers to hew to secure-by-design principles or else face financial penalties. The committee called for "enforcement agencies" empowered to levy fines to monitor industry for compliance.

Also: Samourai Wallet Founder Sentenced, $128M Balancer Hack Post-MortemThis week, "Bitcoin Queen" sentenced, as was Samourai Wallet co-founder Keonne Rodriguez, Balancer hack post-mortem, Coinbase's 21 million euro fine, mistrial in $25 Million Ethereum exploit case. Spanish authorities detained a crypto influencer and accused the United States of a crypto heist.

Bank Info Security 8 months ago

UK Unveils Cyber Security and Resilience Bill

Legislation Proposes More Regulations for Greater Swath of the UK EconomyThe British government introduced Wednesday long-anticipated cybersecurity legislation aimed at tackling disruptive hacks targeting critical national infrastructure. Companies that run afoul of the new regulations could face daily fines that amount to 10% of their global revenue.

AGs Cite Security Failures Leading to Illuminate Education's Late 2021 Data TheftA California-based vendor of software used to collect and analyze student data, including records of children with disabilities and special educational needs, has been fined a total of $5.1 million by the attorneys general in three states in the wake of a 2021 hack that affected 3 million people.

Bank Info Security 8 months, 3 weeks ago

Breach Roundup: the Qilin Hack That Wasn't

Also, Envoy Air Confirms Data Compromise Following Clop Extortion CampaignThis week, Qilin didn't hack a Spanish tax agency, Nexperia standoff, Envoy Air confirmed a data compromise, Experian Netherlands fined 2.7M euros, ToolShell used to breach global networks, flaws in TP-Link Omada and Festa VPN routers and a New York firm settled a cybersecurity investigation.

Loading more headlines...