Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

28 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 28 Filtered view
Bank Info Security 1 month, 3 weeks ago

Liberty Mutual Sued Over Alleged Everest Group Data Theft

Incident Comes Months After NYS Fined Liberty Mutual $2M in Other HacksInsurance carrier Liberty Mutual is facing proposed class action litigation filed by policyholders who allege their sensitive information was compromised in an April data theft claimed by cybercrime gang Everest Group. The incident is the company's latest data security related troubles.

Bank Info Security 8 months, 1 week ago

Lawsuits, Investigations Piling Up in Conduent Hack

Largest Breach of 2025 Hits 10.5M People, Multiple Insurers, State AgenciesProposed federal class action litigation and various investigations are piling up against Conduent Business Solutions following its recent public disclosure that an October 2024 hacking incident potentially compromised personal and health information of more than 10.5 million people.

Bank Info Security 8 months, 3 weeks ago

Yale New Haven Health Will Pay $18M to Settle Hack Lawsuit

March Breach Affected Nearly 5.6 Million; NextGen Proposed Settlement Also ReachedConnecticut's largest healthcare network - Yale New Haven Health System - has agreed to pay $18 million to settle class action litigation filed in the aftermath of a March hack affecting nearly 5.6 million people. The incident ranks as the biggest health data breach reported so far in 2025.

Bank Info Security 8 months, 3 weeks ago

Radiology Practice to Pay $3.4M-Plus to Settle Hack Lawsuit

2023 Data Theft Affected Nearly 887,000 PatientsA radiology practice that has been serving patients in North Carolina for about 70 years agreed to pay more than $3.4 million to settle proposed class action litigation filed in the wake of a 2023 hacking incident that compromised the sensitive information of nearly 887,000 individuals.

Bank Info Security 9 months, 3 weeks ago

Delaware Health System Plans to Settle Rhysida Hack Lawsuit

Bayhealth Medical Center Was Among Cybercrime Group's Many 2024 Healthcare VictimsBayhealth Medical Center in Delaware - an alleged victim of a 2024 hack by the "notorious" and prolific ransomware gang Rhysida that resulted in a breach affecting nearly a half-million people - has agreed to a preliminary settlement in a proposed class action lawsuit stemming from the incident.

Bank Info Security 1 year, 1 month ago

$5.48M Lawsuit Settlement Reached in Software Vendor Hack

Several Affected HealthEC Healthcare Clients Are Chipping in to Fund SettlementA provider of artificial intelligence-enabled hospital cost-cutting software and several of its healthcare clients agreed to $5.48 million to settle proposed class action litigation involving a 2023 hacking incident affecting 4.6 million individuals.

Medical Imaging Provider's Data Theft Incident Affected Nearly 2.4M IndividualsShields Health Care Group, a Massachusetts-based provider of medical imaging services with 30 facilities in New England, agreed to pay $15.35 million to settle a consolidated proposed class action litigation centered on a 2022 hacking incident that affected nearly 2.4 million individuals.

Bank Info Security 1 year, 2 months ago

UK NHS Rolls Out Voluntary Cyber Charter for IT Suppliers

Urges Companies to Regularly Patch Their ProductsThe British National Health Service is prodding suppliers to commit to voluntary cybersecurity measures in a bid to prevent disruptive hacks. Among the proposed measures are regularly patching IT systems, instituting multifactor authentication and requiring IT suppliers to monitor and log their systems to allow prompt incident response.

Bank Info Security 1 year, 3 months ago

UK Government Previews Cybersecurity Legislation

Government Says Managed Service Providers Need More RegulationThe British government pledged to introduce stricter rules surrounding incident reporting and supply chain vulnerability patching through legislation it previewed in July 2024. The proposed Cyber Security and Resilience Bill will bring under its scope managed service providers.

Bank Info Security 1 year, 4 months ago

Accounting Firm Notifying 217,000 of Health Data Hack

CPA Says Clients' Employee Benefit Plan Information Compromised in 2024 IncidentA certified public accounting firm that provides services to labor unions, non-profits and other organizations for employee benefit plans is notifying nearly 217,000 people of a 2024 hack. The firm is already facing at least five proposed federal class action lawsuits related to the breach.

Trend Micro Research, News and Perspectives 1 year, 4 months ago

From Event to Insight: Unpacking a B2B Business Email Compromise (BEC) Scenario

Trend Micro™ Managed XDR assisted in an investigation of a B2B BEC attack that unveiled an entangled mesh weaved by the threat actor with the help of a compromised server, ensnaring three business partners in a scheme that spanned for days. This article features investigation insights, a proposed incident timeline, and recommended security practices.

Bank Info Security 1 year, 6 months ago

Biotech Firm to Pay $7.5M to Settle Lawsuit in 2023 Hack

Enzo Biochem Previously Paid Three States $4.5M in Fines for Same BreachBiotech firm Enzo Biochem has agreed to pay $7.5 million to settle a consolidated proposed class action lawsuit involving a 2023 ransomware attack affecting 2.5 million people. The company has already paid $4.5 million in fines to three state attorneys general for the same incident.

British Government Proposals Also Include Payment Bans for Critical InfrastructureBanning ransom payments by public sector and critical infrastructure entities, notifying the government of any intent to pay a ransom, and reporting incidents to authorities comprise three counter-ransomware initiatives proposed by the British government. Which ones will pass muster?

Bank Info Security 1 year, 6 months ago

Could HIPAA Security Update Mean Bigger Lawsuit Payouts?

Experts Expect Breach Lawsuits to Multiply, Bolstered by New Compliance StandardsTampa General Hospital has agreed to pay $6.8 million to settle a consolidated proposed federal class action lawsuit filed in a the wake of a 2023 data theft incident affecting about 2.1 million people. How might a potential update to the HIPAA Security Rule affect similar lawsuits moving forward?

Bank Info Security 1 year, 8 months ago

Dental Center Chain Settles Data Breach Lawsuit for $2.7M

2023 Hacking Incident Affected 1.9 Million Patients, EmployeesA Michigan-based dental practice with 250 centers across nine states has agreed to pay $2.7 million under a preliminary settlement of a proposed consolidated class action lawsuit centered on a 2023 hacking incident reported as affecting more than 1.9 million patients and employees.

Bank Info Security 1 year, 9 months ago

Ex-NCSC Chief: UK Cyber Incident Reporting a 'Good Step'

Cyber Security and Resilience Bill Includes 72-Hour Reporting Deadline, Hefty FinesThe U.K. government's proposed Cyber Security and Resilience Bill is a "good step forward" to encourage ransomware incident reporting, said Ciaran Martin, the former NCSC chief. But he said the success of the new regulations also hinges on the support mechanism for cyber victims.

Millions of Customers Will Also Be Offered Monitoring of Genetic Data on Dark WebGenetics testing firm 23andMe will offer cash payments to millions of individuals whose sensitive data was compromised in a 2023 credential stuffing incident. Under the proposed $30 million lawsuit settlement, affected customers will also be offered dark web monitoring of their genetic data.

Bank Info Security 1 year, 10 months ago

Radiology IT Vendor Hack Hits 4 Practices, 411,000 People

Tennessee-Based Specialty Networks Incident Is Latest Attack on Business AssociatesA vendor that provides information systems and transcription services to radiology practices is alerting 411,037 people of a hack discovered last December involving the theft of sensitive data. The firm already faces at least four proposed federal class action lawsuits related to the hack.

After all, it's only about keeping the essentials on – no rush America's long-awaited cyber attack reporting rules for critical infrastructure operators are inching closer to implementation, after the Feds posted a notice of proposed rulemaking for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA).…

Bank Info Security 2 years, 3 months ago

CISA Seeks Public Input on Cyber Incident Reporting Rules

US Cyber Defense Agency Proposes 72-Hour Reporting Rule for Covered EntitiesThe U.S. Cybersecurity and Infrastructure Security Agency posted its proposed rulemaking to the Federal Register aiming to implement a 72-hour reporting requirement for covered critical infrastructure entities as required under the Cyber Incident Reporting for Critical Infrastructure Act of 2022.

Loading more headlines...