Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

19 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 19 most recent headlines Filtered view
Bank Info Security 1 month, 3 weeks ago

Liberty Mutual Sued Over Alleged Everest Group Data Theft

Incident Comes Months After NYS Fined Liberty Mutual $2M in Other HacksInsurance carrier Liberty Mutual is facing proposed class action litigation filed by policyholders who allege their sensitive information was compromised in an April data theft claimed by cybercrime gang Everest Group. The incident is the company's latest data security related troubles.

Bank Info Security 5 months, 2 weeks ago

Ambulance Billing Firm Pays $515K Fine to 2 States in Hack

Comstar Paid Feds $75K Last Year to Settle HIPAA Allegations in Same 2022 BreachAn ambulance billing and collections firm has agreed to pay $515,000 to Massachusetts and Connecticut regulators and implement a prescriptive information security program in the aftermath of a 2022 hacking incident affecting the sensitive information of nearly 350,000 residents in those states.

Bank Info Security 7 months, 3 weeks ago

Breach Roundup: Recently Patched Oracle Flaw Under Attack

Also: npm Packages Infiltrated, FBI Issues Fraud Alert, Campbell's Soup Cans CISOThis week, a recently fixed Oracle flaw is being actively exploited, Shelly tackled Pro 4PM DoS bug, "Shai-Hulud 2.0" hit npm, the FBI warned of rising bank account takeover scams, regulators fined Comcast over a vendor breach, Iberia reported a supplier incident and Campbell's canned its CISO.

Bank Info Security 9 months, 1 week ago

EyeMed Agrees to Pay $5M to Settle Email Breach Litigation

2020 Hack Has Cost EyeMed About $12.6M in Multiple Regulatory Fines, SettlementsBenefits provider EyeMed Vision Care has agreed to pay $5 million and improve its security practices to settle class action litigation involving a 2020 phishing breach. The incident has been the subject of previous multimillion dollar settlements and enforcement actions by multiple state regulators.

Bank Info Security 11 months, 1 week ago

Australian Privacy Regulator Sues Optus Over 2022 Hack

Telecom May Face Up to $2.22 Million Per Violation in FinesThe Australian privacy watchdog sued Optus, saying the country's second largest telecom failed for years to protect sensitive customer data breached during a September 2022 incident affecting nearly 10 million people. The regulator said Optus faces a potential fine of up to AU$21.9 trillion.

Bank Info Security 1 year, 6 months ago

Biotech Firm to Pay $7.5M to Settle Lawsuit in 2023 Hack

Enzo Biochem Previously Paid Three States $4.5M in Fines for Same BreachBiotech firm Enzo Biochem has agreed to pay $7.5 million to settle a consolidated proposed class action lawsuit involving a 2023 ransomware attack affecting 2.5 million people. The company has already paid $4.5 million in fines to three state attorneys general for the same incident.

Bank Info Security 1 year, 6 months ago

Florida Firm Fined $337K by Feds for Data Deleted in Hack

Behavioral Health Company Lost Electronic PHI for Nearly 3,000 Patients in BreachA Florida-based behavioral health holding company has paid federal regulators a $337,750 HIPAA settlement for a 2018 incident involving the deletion of electronic protected health information pertaining to nearly 3,000 patients. How should other entities avoid these data loss situations?

AG Says HealthAlliance Tried But Failed to Fix Zero-Day Flaw That Led to ExploitNew York State has levied a $550,000 fine against a healthcare group that tried - but failed - to patch a critical zero-day vulnerability in a Citrix NetScaler appliance used for telemedicine. Hackers exploited the flaw, stealing 196 gigabytes of data in an incident affecting 242,000 people.

Bank Info Security 1 year, 9 months ago

Ex-NCSC Chief: UK Cyber Incident Reporting a 'Good Step'

Cyber Security and Resilience Bill Includes 72-Hour Reporting Deadline, Hefty FinesThe U.K. government's proposed Cyber Security and Resilience Bill is a "good step forward" to encourage ransomware incident reporting, said Ciaran Martin, the former NCSC chief. But he said the success of the new regulations also hinges on the support mechanism for cyber victims.

Telecom Company Also Faces OAIC Investigation and Potentially Millions in FinesThe Australian Communications and Media Authority says it has filed proceedings against Optus in a federal court as the company failed to protect sensitive customer data during a data breach in September 2022. The Office of the Australian Information Commissioner is also investigating the incident.

Bank Info Security 2 years, 5 months ago

Medical Center Fined $4.75M in Insider ID Theft Incident

HHS OCR Says a Malicious Worker Stole and Sold Patient Information in 2013HHS has fined a New York City medical center $4.75 million to settle potential HIPAA violations discovered during an investigation into a hospital insider who sold patient data to identity thieves in 2013. The hospital said it has beefed up its security and privacy since the incident occurred.

Bank Info Security 2 years, 7 months ago

Feds Levy First-Ever HIPAA Fine for a Phishing Breach

Incident That Affected 35,000 Urgent Care Clinic Patients Results in $480K FineWeeks after the Department of Health and Human Services announced its first HIPAA enforcement action in a ransomware breach, federal regulators have reached another milestone: a $480,000 settlement in a HIPAA case centered for the first time ever on a phishing attack.