According to a study conducted by Aberdeen and commissioned by Code42, data breaches from insiders can cost as much as 20% of annual revenue. Perhaps just as important, the study showcased that at least one in three reported data breaches involve an insider.
When it comes to data breach and privacy class actions, plaintiffs will need to prove data was actually misused not just improperly exfiltrated by hackers.
The Website Planet research team, in cooperation with security researcher Jeremiah Fowler, discovered a non-password protected database that contained just under one billion records. The exposed records revealed usernames, display names, and emails for WordPress accounts.
Inon Shkedy, Head of Security Research for Traceable, who also serves as the API Security Project Lead at OWASP and has co-authored the OWASP API Top 10, talks to Security about API security risks.
ForgeRock announced findings from its 2021 Identity Breach Report, revealing an unprecedented 450% surge in breaches containing usernames and passwords globally.
In a breach notification letter filed with New Hampshire's Office of the Attorney General, Bose said that in early March 2021, the company "experienced a sophisticated cyber-incident that resulted in the deployment of malware/ransomware across" its "environment."
Rapid7 has disclosed that the attackers behind the Codecov breach had accessed some of the company's source code using a previously compromised Bash Uploader script from Codecov.