Data security breaches
- December 05, 2019
A security researcher used a mishandled session cookie to access private HackerOne bug reports with an account takeover attack and earned a bug bounty for their efforts.
- November 14, 2019
InfoTrax settled an FTC complaint over an extensive data breach that lasted two years. Now, it can no longer collect any personal data until it implements its own infosec program.
- November 12, 2019
For all of the talk about data breach class action lawsuits, virtually none of them reach a courtroom. Here's why and how data breach lawsuits almost always end in settlements.
- November 04, 2019
Determining the value of consumers' personal data exposed in a breach can be a challenge. Security and legal experts discuss what factors are involved in the equation.
- October 03, 2019
Zendesk disclosed a previously undetected security incident from 2016 in which data for 10,000 customer accounts was accessed, but the disclosure is missing some key details.
- September 27, 2019
The New York attorney general filed a lawsuit against Dunkin' Brands regarding attacks dating back to 2015 and alleges the company failed to respond or notify victims properly.
- August 29, 2019
The alleged Capital One hacker, Paige Thompson, was charged with additional counts of fraud and abuse for stealing data from more than 30 other organizations.
- August 05, 2019
Infosec pros warn of server-side request forgery vulnerabilities in AWS following the Capital One data breach, which may have revealed an issue regarding the AWS metadata service.
- August 02, 2019
History from a Slack channel run by the Capital One data breach suspect points to data stolen from more organizations, but no evidence of other attacks has been found yet.
- July 30, 2019
The FBI arrested a former AWS engineer who allegedly stole data for more than 100 million Capital One customers and credit card applications, thanks to a misconfigured firewall.
- July 30, 2019
Enterprises have disclosed a number of significant data breaches in the first half of 2019. Here's a look at some of the biggest and most notable breaches so far this year.
- July 24, 2019
An investigation revealed the password spraying attack that gave malicious actors access to Citrix systems resulted in only some business documents being stolen.
- July 22, 2019
Under the settlement with the FTC and state attorneys general, Equifax will fork over at least $575 million in civil penalties and provide credit monitoring services to consumers.
- July 16, 2019
Facebook will reportedly be hit with a $5 billion fine by the FTC following an investigation into multiple privacy issues, and experts said other enterprises should take note.
- March 25, 2019
FEMA's data exposure is another high-profile example of accidental data disclosures -- a trend that has some security experts calling for more focus on failed security controls.