A developer error caused the leak of 150,000 to 200,000 patient health records stored in productivity apps from Microsoft and Google that were recently found on GitHub.
The Center for Internet Security, Inc. (CIS®) released its Community Defense Model (CDM). The model shows that the CIS Controls® (Controls) – a prioritized and prescriptive set of safeguards that mitigate the most common cyberattacks against systems and networks – mitigate approximately 83 percent of all attack techniques found in the MITRE ATT&CK Framework.
While cyber threats continue to be a massive drain on business productivity, there is another, less obvious vulnerability: unintentional employee error. Indeed, a majority of businesses say that simple human error is their leading cause of data loss.
Let’s face it, passwords are a pain. As we’ve been pushed towards using longer and ever more complex passwords, and told to update them with increasing frequency, password management has become something of a headache. We’ve gone from simple, easy to remember passwords to 12- or 16-character passwords that must contain a mixture of upper and lowercase letters, numbers and symbols.
We speak to Saad Gul, Co-Chair of the Poyner Spruill, LLP, privacy and cybersecurity team, and learn about the Lifespan HHS investigation, what it means for data security professionals and why the HSS ruling should be a warning to all companies with HIPPA information.
Risk Based Security released their 2020 Mid Year Data Breach QuickView Report, revealing that although the number of publicly reported data breaches stands at its lowest in five years, the number of records exposed is more than four times higher than any previously reported time period.
In her “Top Breaches of 2019”, a security journalist asked if last year would “…be the worst on record?” It looks like 2020 could surpass last year’s breaches, but it’s not entirely due to consequences of the global pandemic. For sure, unprecedented levels of remote working has emboldened hackers to exploit new vulnerabilities, but there’s one very insidious risk that shows up year after year: the silent and unwitting exposure of sensitive data that no one notices… until it’s too late.
SANS Institute, a provider of cybersecurity training and certification services, lost approximately 28,000 items of personally identifiable information (PII) in a data breach that occurred after a single staff member fell victim to a phishing attack.
The vpnMentor cybersecurity research team, led by Noam Rotem and Ran Locar, have uncovered an unsecured AWS S3 bucket with over 5.5 million files and more than 343GB in size that remains unclaimed.
