Security News 

Over 113 Million Patient Records Were Breached in 2015

That's an 897 percent increase over the previous year, according to Redspin.

Vulnerabilities In Popular Software Surged by 60 Percent in 2015

And exploits rose by almost 40 percent, according to a recent Bromium report.

TaxSlayer, Alibaba Accounts Exposed by Password Reuse

Millions of accounts were accessed with username and password combinations stolen in unrelated breaches.

Neiman Marcus, UCF Acknowledge Data Breaches

Over 68,000 people are affected.

34 Percent of Security Pros Say Their Budgets Are Inadequate

And 37 percent don't have enough highly-skilled staff, a recent survey found.

HSBC Internet Banking Disabled by DDoS Attack

Although the bank says it 'successfully defended against the attack,' personal banking services were inaccessible for several hours.

Missing Hard Drives Expose 950,000 Centene Customers' PHI

The unencrypted drives held names, addresses, birthdates, Social Security numbers, member ID numbers and health information.

55 Percent of IT Pros Don't Know Where Their Company's Payment Data Is Stored

And 80 percent said that kind of uncertainty presents a high or very high risk to that data, a recent survey found.

91 Percent of IT Security Execs Say Their Company's Sensitive Data Is Vulnerable

And 39 percent have suffered a data breach or failed a compliance audit due to security issues in the past year alone, a recent survey found.

University of Virginia Breached by Phishing Attack

1,400 university employees' W-2 tax forms were accessed.

84 Percent of U.S., U.K. Organizations Have Been Breached by Spear Phishing Attacks

For U.S. businesses, the average cost of spear phishing was $1.8 million over the last 12 months alone, a recent survey found.

53 Percent of Oil and Gas Companies Report Surge in Cyber Attacks

Only 31 percent are confident in their ability to detect those attacks, a recent survey found.

Medical Data Breaches at Blue Shield, New West Expose 46,000 Customers' Info

A stolen laptop and a breach at a third-party vendor caused the data breaches.

Hyatt Breach Affected 250 Hotels Worldwide

Credit and debit card information was taken from hotel restaurants, spas, golf shops, parking, front desks and sales offices.

TaxAct Acknowledges Data Breach

The company says an undisclosed number of customers' tax returns 'may have been opened or printed.'

Missing Laptops, Drives Expose Thousands of Patients' Medical Data

Almost 60,000 patients' protected health information may have been exposed as a result of three incidents.

Carrier Pre-Loads Expand Keeper's Mobile Password Footprint

Mobile password manager app continues to expand user base, thanks to new carrier partnerships.

63 Percent of IT Pros Oppose Giving Governments Backdoor Access to Encrypted Data

And 83 percent support requiring companies to notify customers within 30 days of the discovery of a breach, according to a recent ISACA survey.

44 Percent of Enterprises Will Increase Security Budgets in Next 90 Days

Only 4 percent plan to decrease security spending over the same time period, a recent survey found.

User Passwords Exposed by Breaches at Time Warner, Linode

Linode has reset all user passwords, and Time Warner Cable says as many as 320,000 customers' email passwords may have been stolen.

Emsisoft Warns of New 'Ransom32' JavaScript Ransomware

The ransomware, which is the first to be programmed entirely in JavaScript, HTML and CSS, was developed using the NW.js platform.

Anti-ISIL Hackers Claim Responsibility for Massive Cyber Attack on BBC

The group, New World Hacking, claims the DDoS attack exceeded 600 Gbps.

91 Percent of Cyber Security Pros Say Passwords Won't Exist in 10 Years

66 percent already use authentication methods beyond passwords, a recent survey found.

93 Percent of Corporate Security Officials Say Human Behavior Presents Greatest Threat

Still, only 69 percent know what people do with their company's critical value data after accessing it, a recent survey found.

191 Million U.S. Voters' Personal Info Exposed by Misconfigured Database

'My immediate reaction was disbelief,' researcher Chris Vickery said.

Hyatt Hotels Hit by Credit Card Breach

It's not yet clear how many of the company's 627 properties worldwide are affected.

Hello Kitty Leak Exposes 3.3 Million Users' Data

186,261 minors are affected, according to Sanrio.

Iranian Hackers Breached New York Dam Two Years Ago

The hackers probed the system but didn't take control of it, the Wall Street Journal reports.

40 Percent of IT Pros Expect to Work on Christmas Eve and Christmas Day

And 50 percent worry that their company will suffer a data breach during the holidays, a recent survey found.

Landry's Restaurants Hit by Credit Card Breach

It's not yet clear which of the company's more than 500 properties may be affected.

Alleged VTech Hacker Arrested

It's not yet clear whether the person arrested was the same one who notified Motherboard about the breach.

80 Percent of Organizations Experienced a Cyber Security Incident in 2015

Still, 71 percent of IT pros expect their organizations to be more secure in 2016, a recent survey found.

One Third of CEOs Aren't Regularly Briefed on Cyber Security Issues

And 61 percent of global IT security pros think their CEOs don't know enough about cyber security, a recent survey found.

83 Percent of Tech Firms Say Excessive Sharing in the Cloud Is a Top Concern

Still, only 5 percent of organizations take active steps to protect credentials, a recent study found.

64 Percent of Consumers Would Stop Doing Business With a Company That Suffered a Financial Data Breach

49 percent said the same of breaches in which personal information was stolen, a recent survey found.

Hackers Hit Tunecore, JD Wetherspoon, Elephant Bar

The data potentially exposed includes full contact information, passwords, birthdates, and credit card data.

Two Thirds of SMB IT Decision Makers Aren't Fully Prepared to Deter Threats

And almost half believe their company is vulnerable to insider threats, a recent survey found.

Shevirah Moving Forward for Enterprise Mobile Pen Testing [VIDEO]

Security innovator Georgia Weidman discusses what her new startup is doing to help enterprise mobile security.

Over a Third of U.S. Retailers Don't Know Which Systems Their Temporary Workers Have Accessed

And over a quarter have no idea if those workers have ever accessed and/or sent data they shouldn't have, a recent survey found.

69 Percent of IT Pros Fear Migrating to Cloud Will Increase Data Breach Risk

And 43 percent worry about account hijacking after migrating to the cloud, a recent survey found.

Half of U.S. Enterprise Employees Reuse Work-Related Passwords

Almost two-thirds do the same for personal accounts, a recent survey found.

Australian Government Hit by Massive Cyber Attack

The 'intrusive and pervasive' attack dates back at least three months, the ABC reports.

Industry Experts Predict the Top Cyber Security Trends for 2016

From cloud services to the Internet of Things, the targets are shifting.

Only 28 Percent of Consumers Are Fully Confident in Mobile Device Security

Still, 32 percent use their mobile devices to send work-related emails, a recent study found.

Massive VTech Breach Affects 5 Million Customers, Including Children

4,833,678 parents and 227,622 children are affected.


Some employees' names and Social Security numbers were accessed, though it's not yet clear what other data, if any, may have been exposed.

Hilton Worldwide Admits Credit Card Breach

Cardholder names, payment card numbers, security codes and expiration dates may have been accessed.

Amazon Resets User Passwords in Response to Possible Breach

While there's no indication that the passwords were improperly accessed, Amazon says it has reset some passwords out of 'an abundance of caution.'

69 Percent of Executives Would Bypass Security Controls to Close a Deal

Still, 41 percent believe security should be more important than business flexibility, a recent survey found.

Can Mobile Apps Defend Themselves? Yes, Says Bluebox

Bluebox's approach goes beyond providing just a security wrapper for mobile applications.

Starwood Hotels Hacked

The point-of-sale systems at 54 of the company's hotels were infected with malware.

6 Million Georgia Residents' Personal Data Exposed by Mistake

The information exposed includes Social Security numbers and birthdates.

40 Percent of Companies Expect an Insider Data Breach Next Year

But 72 percent of security professionals say their board doesn't treat insider threats as seriously as external threats, a recent survey found.

MetroPCS, Nutmeg Customer Data Exposed by Mistake

Both breaches appear to have been the result of coding errors.

Docker Container Security: What's Next

Docker aims to improve container security with application scanning, user namespaces and other capabilities.

90 Percent of Industries Have Suffered Breaches of PHI

Only the utilities and management industries had no reported PHI breaches, according to a recent report.

Android Tablets Sold on Amazon Infected with Cloudsota Trojan

The tablets have been sold and delivered to over 17,000 customers in more than 150 countries.

Breach at Securus Technologies Exposes 70 Million Prison Phone Calls

The 37 GB cache includes records of calls placed by more than 63,000 inmates.

90 Percent of Organizations Experience At Least One Insider Threat a Month

The average organization experiences 9.3 such threats every month, according to recent research.

One Fifth of Those Who Find Lost USB Drives Use Them, Despite Risk

A recent study also found that 45 percent of employees receive no cyber security training at all.

Adobe Patches 17 Flash Vulnerabilities in Latest Update

Adobe's Flash is still heavily favored as a top attack vector, so you'd better update ASAP.

Most Businesses Are Too Confident About Data Security

While 83 percent said they're either fairly or very confident that they're secure against a data breach, just 49 percent had not experienced one.

Touchnote Acknowledges Data Breach

The exposed data includes customers' names, email addresses, mailing addresses, order histories and the last four digits of credit card numbers.

U.S. Government Officials Targeted by Iranian Hackers

Iran's Revolutionary Guard allegedly has an army of hackers trained in Russia.

47 Percent of Companies Were Breached in the Past Two Years

And 65 percent believe threat intelligence could have prevented or minimized the impact of those breaches, according to a recent survey.

Ransomware Is Now the Leading Mobile Malware Threat

And porn sites are now the top mobile infection vector, according to Blue Coat.

Reused Passwords Expose 1,827 Vodafone Accounts

The accounts were accessed using email addresses and passwords acquired elsewhere, according to the company.

Half of IT Security Pros Don't Think Their Organization Will Be Attacked

At the same time, 61 percent aren't confident in their organization's ability to detect advanced threats, a recent survey found.

Data Breach at Web Host Exposes 13 Million Passwords in Plain Text

The data, which appears to have been stolen in March 2015, includes names, user names, plain text passwords, and email addresses.

U.S. Has World's Worst Gender Gap in Cyber Security Education

69 percent of U.S. women said no teacher or career counselor had ever suggested a cyber security career to them, compared to 55 percent of U.S. men.

U.S. Senate Approves Cybersecurity Information Sharing Act

The bill passed the Senate by a vote of 74 to 21.

Hackers Use 900 CCTV Cameras to Launch DDoS Attacks

Hundreds of infected cameras were used to attack an Incapsula client -- and one of those cameras was five minutes away from Incapsula's offices.

TalkTalk Hacked Again

Names, addresses, birthdates, email addresses, phone numbers, TalkTalk account data, and credit card and bank account details may have been accessed.

Sony Settles Data Breach Lawsuit For Up to $8 Million

The amount ultimately paid by Sony could range from $5.5 million to $8 million.

93 Percent of Office Workers Engage in Risky Behavior Online

And IT professionals are actually more likely to do so than the average employee, according to an Intermedia survey.

Trend Micro Broadens Security Offering with HP TippingPoint Buy

Trend Micro adds intrusion prevention to its security arsenal with HP TippingPoint acquisition.

Cyber Insurance Premiums Surge in Response to High-Profile Data Breaches

Some companies are also finding their deductibles raised and their coverage limited, Reuters reports.

High School Hacker Breaches CIA Director's Email Account

The hacker claims to have accessed Brennan's application for top secret security clearance, along with other sensitive data.

Dow Jones Allegedly Hit by Russian Hackers Seeking Inside Information

The company says it's investigating 'whether there is any truth whatsoever to this report by a competitor news organization.'

Alleged Hacker Charged With Providing Support to ISIL

Ardit Ferizi is accused of providing ISIL with the personal information of approximately 1,351 U.S. military and government personnel.

Suspected Iranian Hackers Leverage Fake LinkedIn Profiles to Target Victims

The 25 profiles appear to be tied to the Iranian hacker group TG-2889.

America's Thrift Stores Acknowledges Credit Card Breach

Customers who used credit or debit cards at any of the company's locations between September 1, 2015 and September 27, 2015 may be affected.

Dow Jones Hacked

The hackers appear to have been targeting customer contact information, though in fewer than 3,500 cases, payment card data may also have been stolen.

48 Percent of Used Hard Drives Sold Online Contain Residual Data

The same is true of 35 percent of used mobile devices, according to a recent study.

Amazon, Google Boost Cloud Security Efforts

Amazon and Google, two of the biggest cloud players, roll out new services in a bid to help cloud users be safer.

Codoso Group Hackers Breach Samsung Subsidiary LoopPay

The breach remained undetected for five months, according to the New York Times.

Cisco Disrupts Infrastructure Behind $60 Million Ransomware Campaign

The researchers found that 'an inordinate number of proxy servers' used by the Angler Exploit Kit were on servers belonging to Limestone Networks.

Cybercrime Now Costs the Average U.S. Organization $15 Million Per Year

The average cost to resolve a single attack is now more than $1.9 million, according to the Ponemon Institute.

Scottrade Acknowledges Two-Year-Old Data Breach

Approximately 4.6 million customers are affected.

Experian Data Breach Exposes 15 Million T-Mobile Customers' and Applicants' Personal Info

Names, addresses and birthdates were exposed, along with encrypted Social Security numbers, and/or driver's license or passport numbers.

84 Percent of IT Pros Have Moderate to No Confidence in Ability to Secure Files

Fully 80 percent of organizations have experienced file data leakage incidents, according to an Enterprise Management Associates survey.

Thousands of Critical Medical Devices Exposed Online

'These devices are getting owned repeatedly,' security researcher Mark Collao said.

Trump Hotels Confirms Credit Card Breach

Customers who used credit or debit cards at the Trump International Hotel & Tower Las Vegas between May 19, 2014 and June 2, 2015 may be affected.

Hilton Hotels Hacked

It's not yet clear which locations may be affected by the breach, which could date back as far as November 2014.

38 Percent of IT Security Pros Don't Participate in Their Own BYOD Programs

And 28 percent of enterprises do nothing at all about mobile security, a recent Bitglass survey found.

87 Percent of Business, IT Pros Expect Mobile Payments Breaches to Grow

But 42 percent have used mobile payments this year regardless of the risks, a recent ISACA survey found.

OPM Breach Exposed 5.6 Million People's Fingerprints

The new disclosure is a result of the government's ongoing effort to determine what data was impacted by the breach.

Former CVS Employee Steals Molina Healthcare Members' PHI

'This may put you at risk for identity theft,' Molina Healthcare told those affected.

Splunk Expands Security Tools with New Product Releases

Splunk Enterprise Security 4.0 and Splunk User Behavior Analytics debut.

Millions Infected by Malware in Apple App Store

The malware is capable of launching phishing attacks and stealing data from the user's clipboard.

Thefts of Unencrypted Laptops Expose 7,000 Patients' Medical Data

The information potentially exposed includes names, birthdates, Social Security numbers and treatment information.

Symantec Issues Fraudulent Google SSL Cert

Google's Certificate Transparency effort saves the day in case of improperly issued EV-SSL certificate.

Kremlin Hit by Cyber Attacks

'The defense system worked, even though it was not easy,' Vladimir Putin's press secretary said.

Judge Certifies Banks' Class Action Lawsuit Against Target

Target spokeswoman Molly Snyder said the company is 'disappointed' in the ruling.

Russian Hacker Pleads Guilty to Theft of 160 Million Credit Card Numbers

The scheme, which caused more than $300 million in losses, is the largest ever prosecuted in the United States.

Providers in California, Michigan, Mississippi Admit HIPAA Violations

Patient data was potentially exposed by insider breaches and phishing attacks.

Stolen Device Exposes Thousands of Lloyds Bank Customers' Data

The unencrypted device held names, addresses, account numbers and sort codes.

U.S. Department of Energy Hacked 159 Times

The DOE reported 1,131 cyber attacks between 2010 and 2014, 159 of them successful.

Hackers Compromise Cal State, Excellus BCBS Data

In Excellus BlueCross BlueShield's case, the breach dates back to December 23, 2013.

81 Percent of Healthcare Organizations Have Been Breached in Past Two Years

Still, 16 percent of organizations said they're unable to tell in real time if their systems are compromised.

Bugzilla Hacked for Over a Year

A single password reused from another site provided the attacker with privileged access.

Email Mistakes Expose HMRC, PTSB, WHSmith Data

As a result of technical glitches and human error, hundreds of contact details were shared by mistake.

Stolen Laptop Exposes 1,242 UCLA Health Patients' Medical Info

Data on the unencrypted laptop included patient names, medical record numbers and health information.

Cc: vs. Bcc: Email Blunder Exposes 780 HIV Patients' Identities

"I find it impossible to believe that in this day and age this can happen," one patient said.

225,000 Apple Credentials Stolen via New iOS Malware

It's the 'largest known Apple account theft caused by malware,' according to Palo Alto Networks researchers.

Avid Life Media CEO Resigns Following Data Breach

The decision was made 'in mutual agreement with the company,' according to a statement.

Thomson Customer Data Exposed by Mistake

458 names, addresses, email addresses, phone numbers and flight dates were exposed.

Lost, Stolen Unencrypted Devices Expose PHI Nationwide

A hard drive, computer and thumb drive -- none of them encrypted -- exposed over 9,000 patients' personal information.

Court Ruling: FTC Can Sue Companies for Cyber Security Failures

'It is not only appropriate, but critical, that the FTC has the ability to take action,' said FTC chairwoman Edith Ramirez.

Dating Website PlentyofFish Hit by Malvertising Attack

According to Cyphort Labs, the number of malvertising attacks carried out by hackers increased by 325 percent in the past year.

Employee Errors Expose PHI, PII, Social Security Numbers

Both the Illinois Department of Corrections and the Colorado Office of Information Technology recently released personal information by mistake. Hacked

The names, addresses and credit card information of approximately 93,000 customers may have been exposed.

Hackers Leak 10 GB of User Data from Adultery Site

The leaked data includes 36 million customer records, listing names, addresses, user names, passwords and the last four digits of credit card numbers.

IRS Data Breach Exposed 334,000 Taxpayer Accounts

The new number is more than three times the estimate the IRS had given in May.

Kaspersky Responds to 'Fake Malware' Allegations

'They forgot to add that we conjure all this up during steamy banya sessions, after parking the bears we ride outside,' Eugene Kaspersky wrote.

Theft of Unencrypted Laptop Exposes 100,000 Social Security Numbers

70 percent of U.S. adults think it's riskier to trust a company with their Social Security number than to carry their Social Security card with them.

Corvette Hacked via Text Message

UCSD researchers were able to both activate and disable the car's brakes and control the car's windshield wipers, all via SMS.

32 Charged with $100 Million Hack of Newswire Services

The group is alleged to have earned over $100 million by stealing and trading on corporate earnings announcements before they were made public.

U.K. Government Investigates Massive Carphone Warehouse Data Breach

As many as 2.4 million customers' names, addresses, birthdates and bank information may have been exposed.

American Airlines, Sabre Allegedly Breached by Chinese OPM Hackers

The same hackers who hit Anthem, United Airlines and the Office of Personnel Management may have added American and Sabre to the list.

FBI Details Takedown of Gameover Zeus Botnet

FBI agent explains how law enforcement worked with security vendors to bring down a major botnet operation.

U.S. Joint Chiefs of Staff Breached by State-Sponsored Hackers

Massive amounts of data were stolen in a short period of time, according to news reports.

HP ZDI Finds 100 Vulnerabilities in Adobe Reader

HP details how an attacker could potentially abuse Adobe Reader's JavaScript APIs.

FDA Warns of Cyber Security Flaws in Hospira Infusion Pump

The FDA is urging health care facilities to switch to alternative infusion systems 'as soon as possible.'

Certifigate Flaw Exposes Android Users to Risk [VIDEO]

Remote diagnostic tools from OEMs that are supposed to help Android users, could instead be used to hurt them.

Bitdefender Acknowledges Data Breach

Usernames and passwords were exposed in plain text.

Google Doubles Down on Android Security at Black Hat

Google's Android security chief discusses Stagefright and more in Black Hat address.

Yahoo Ads Serve Malware for Second Time in Two Years

Malicious ads were found to be redirecting victims to the Angler Exploit Kit, according to Malwarebytes researchers.

Half of C-Level Execs See CISOs Primarily as Scapegoats for Data Breaches

Only 25 percent think CISOs should be part of an organization's leadership team, according to a recent survey.

Medical Record Breach Impacts 3.9 Million People Nationwide

The data potentially exposed includes names, birthdates, Social Security numbers, lab results, medical conditions and health insurance information.

Ziften Digs Deep for Security Visibility

Fresh off a $24 million funding round, security startup debuts ZFlow technology to connect the dots of security incidents.

Employee Negligence Exposes Massachusetts Hospital Patients' Personal Data

70 percent of U.S. IT and IT security practitioners say more security incidents are caused by uninentional mistakes than by malicious acts.

Planned Parenthood Hacked

Over 300 employees' names, email addresses and hashed passwords were published online.

Anonymous Hackers Hit U.S. Census Bureau, Canadian Government

The hackers say the attacks were launched to protest the TTIP and TPP, and to retaliate for the shooting of James Daniel McIntyre by Candian police.

Flash Malware Surges, Finds Cisco

While Flash exploits are up, Java is going the other way, according to Cisco's MidYear Security Report.

Car Hacking Arms Race Starts: Chrysler Recalls 1.4 Million Vehicles

The recall was issued in response to a recent demonstration showing that a Jeep Cherokee can be hacked remotely via the Uconnect system.

Five Men Charged in Connection with JPMorgan Hack

The five allegedly used the stolen data to promote a pump-and-dump stock scheme.

Costco, CVS, Rite Aid, Tesco Photo Sites Shuttered by Third-Party Data Breach

A breach at Staples subsidiary PNI Digital Media has impacted photo processing sites for major vendors across the U.S. and the U.K.

Ashley Madison Hack Exposes Data on 37 Million Users

The hackers are threatening to release all of the stolen data if the site isn't shut down.

Data Breach at UCLA Health Exposes 4.5 Million People's Personal Information

The data potentially stolen includes names, birthdates, Social Security numbers and medical information.