NEWS & UPDATES

The U.S. National Football League has reportedly seen a huge data leak where 1,113 players had their personal information posted online.

The website for the NFL Players Association also included contact information for the players and their agents in the reach. Exposed information apparently included:

• Email addresses and mobile telephone numbers
• Home addresses of agents
• IP addresses for users when signing in
• Logged information for the website was accessed
• Advisor fee percentages

Read More

It’s a potentially deadly combination: healthcare data and mobile apps.  In fact, one of the world’s largest diagnostics service providers had its security wall breached as a result of a mobile app exposing medical data. So, it has happened.

Reportedly, around 34,000 customers had personal and medical information accessed during the breach. The information included customers’ names, dates of birth, health records and some telephone numbers.

Thankfully, the breach did not include any financial details like bank account numbers, sort codes and NI numbers. But it raises serious doubts over whether the healthcare industry is really secure enough to combine with the mobile app industry. Is it just too risky?
Read More

Newkirk Products Inc, a company who provides ID cards for health insurance plans, revealed a data breach took place last year that allowed unauthorised access to a server that contained member information.

The server that was hacked reportedly contained the data for an estimated 3.3 million members.

Now, this is the kind of breach that can be very dangerous several years after the event. With cybercriminals known to hold on to information for future use, any victim of a data breach needs to be wary.
Read More

Last October, the Australian Red Cross Blood Service had 1.74 GB of backup data compromised. This reportedly included 1.3 million rows and 645 tables containing personal information belonging to some 550,000 online blood donor applications.

The following details were reportedly made publicly available: Name; Gender; Postal address; Email address; Gender; Phone number; Date of Birth; Country of Birth; Blood Type; Type of donation.

Other information relating to blood donations like donor eligibility answers and appointments were also revealed. Some of this can certainly be classed as very sensitive information indeed.
Read More

U.S. District Judge, Lucy Koh, has said Yahoo must face huge lawsuits brought against them on behalf of over a billion individuals who had their personal data compromised in the well-reported Yahoo breaches.

Verizon communications acquired Yahoo for $4.76 billion in June in a bid to limit liability, and contended that victims didn’t have any legal standing to sue. Judge Koh rejected this over a 93-page decision and held that victims who had their personal data breached by Yahoo’s apparent multiple failures as a data controller could pursue breach of contract as well as unfair competition.
Read More

Insurance and financial services giant Nationwide Mutual Insurance has agreed to pay out around £4 million to settle a colossal data breach that reportedly exposed personal data belonging to 1.27 million of their consumers.

Nationwide Mutual Insurance was attacked by hackers who managed to obtain a haul of personal data, including: Social security numbers; Driving licence details; Credit scores; and other personally identifiable information.

With this information, hackers and cybercriminals can be equipped with the tools required to commit identity fraud and therefore inflict huge harm and disruption to lives of the victims.
Read More

At the capital of the United States, the District of Columbia Circuit Court of Appeals ruled that customers are permitted to sue CareFirst for a data breach that reportedly compromised 1.1 million of their customers’ personal information.

A relatively small number of customers brought the class action (group action) lawsuit, alleging that the health insurance provider had attributed to the breach for their carelessness and lack of cybersecurity.
Read More

Data breaches continue to happen more and more often, and there still doesn’t seem to be all that much being done to stop them.

We don’t need to remind companies about the worst data breaches; we’re sure they’re fresh in peoples’ minds having been splashed all over the news for so long.

In this article, we’ll take a look at some of the biggest data breaches as ranked by cybersecurity journalist, Anas Baig.
Read More

The Kansas Department of Commerce’s employment service has reportedly been hacked with almost a total of 6.5 million records stolen.

The agency’s job-seeking division Job Link Alliance-TS was breached and its databases were illegally accessed. As the organisation’s nature is to help people find and apply for jobs, they hold a wealth of information including individuals’ personal contact information, résumés (CVs) and social security numbers. In the U.S, the social security number is one of the most sensitive types of information that can be stolen. With a social security number, criminals can steal a person’s identity.
Read More

According to Help Net Security, the cost of data breaches has declined by 10% from 2016 to 2017.

It’s bizarre given that all we ever read about and hear is the increasing costs of data breaches to businesses! We should also consider the fact that 2017 isn’t over yet!

The Ponemon Institute study (sponsored by IMB Security) conducts independent research on privacy, data protection and information security policy. They aim to inform companies and organisations on how to improve their data protection initiatives and therefore enhance their reputation as a trusted organisation who are being proactive in data protection.
Read More

In what could be the country’s largest ever data breach incident, Jio Reliance may have compromised 100 million users’ records after information was allegedly stolen and put online.

The data in question was put on an independent website called Magicapk, but has since been removed.  The information reportedly included: Full names; Mobile contact numbers; Email addresses; Aadhaar numbers; and SIM card activation dates & times.

This is one huge data breach incident; if its authenticity is to be established…
Read More

Hard Rock Hotels & Casino has been hit by a cyber-attack that occurred through a third-party hotel reservation system.

A cyber-attack is thought to have happened on 10^th August 2016 where a hotel reservation system, run by Sabre Hospitality Solutions SynXis, was breached. When the breach was discovered, Sabre informed Hard Rock Hotels & Casinos of the breach; but this wasn’t until June 2017.

That’s a long time to pass before a breach is identified…
Read More