Sophos is warning that some of its customers may have had their data exposed to a misconfigured internal system, according to a published report. The security firm confirmed that a "small set" of customers was affected.
Last week, fraudsters targeted two cryptocurrency platforms by accessing domains managed by GoDaddy, according to notices published by the victimized firms. The domain register company previously has had issues with unauthorized access.
A U.S. unit of Italian-based eyewear maker and eye care center conglomerate Luxottica has reported a breach affecting over 829,000 individuals - the fourth largest health data breach added to the U.S. federal tally so far this year. It's unclear if a recent ransomware attack is related.
Japanese computer game company Capcom acknowledged this week that a November security incident was a Ragnar Locker ransomware attack that resulted in about 350,000 customer and company records, including sales and shareholder data, potentially being compromised.
An unauthorized person apparently gained access to a database of insurance software firm Vertafore and compromised the driver's license information of over 27 million Texans. Security analysts say a misconfigured database is the likely culprit.
Chat and collaboration software tools such as Slack are critical for software development teams. But a data breach experienced by Utah-based software developer WildWorks illustrates why developers should think twice before sharing sensitive database keys over chat.
Inadequate database and privileged account monitoring, incomplete multifactor authentication and insufficient use of encryption: Britain's privacy regulator has cited a raft of failures that contributed to the four-year breach of the Starwood guest reservation system discovered by Marriott in 2018.
California voters passed Proposition 24, the California Privacy Rights Act, on Nov. 3, which expands upon the recently activated California Consumer Privacy Act specifically when it comes to enforcement and how businesses handle personal data.
CISA and Oracle are urging users to apply an emergency patch for a vulnerability in the software giant's WebLogic Server product. This "severe" bug is already under active exploitation and could allow an attacker to run malicious code, security experts say.
Microsoft plans to patch on Nov. 10 a zero-day kernel vulnerability found by Google's Project Zero bug-hunting team. Google released the details of the flaw after a week because attackers are using it in the wild.
In a notification letter filed to the Montana Department of Justice, precious metal trader JM Bullion has revealed that an unknown amount of customer information has been compromised in a data breach. The security incident took place over a five-month period earlier this year.
Large, recently levied privacy fines against the likes of British Airways, H&M and Marriott show regulators continuing to bring the EU's General Data Protection Regulation to bear after businesses get breached. But in the case of Marriott and BA, were the final fines steep enough?
Dr. Reddy's Laboratories, a multinational pharmaceutical company based in India that's testing a COVID-19 vaccine, says it isolated its data center services Thursday following what it calls a "detected cyberattack."
Books retailer Barnes & Noble is investigating a security incident involving unauthorized access to its corporate systems, including those storing customers' information. To begin its mitigation efforts, the company shut down its systems, which meant its Nook e-book platform was offline.