Data security breaches
Get the latest information on enterprise security data breaches. Learn about data breach laws and regulations, best practices for data breach notification and response plans, the risks of exposed corporate data and personally identifiable information.
Top Stories
-
News
28 Oct 2021
Twitter details internal Yubico security key rollout
Following last year's breach, Twitter obtained 100% security key enrollment from its 5,500 internal employee accounts within a month of the cutover date. Continue Reading
-
Tip
27 Oct 2021
5 IT security policy best practices
As businesses and technologies grow and evolve, it's important IT security policies do, too. Follow these five best practices to ensure policies are fresh and relevant. Continue Reading
-
News
24 Jul 2019
Citrix breach blamed on poor password security
An investigation revealed the password spraying attack that gave malicious actors access to Citrix systems resulted in only some business documents being stolen. Continue Reading
-
News
22 Jul 2019
Equifax to pay up to $700 million in data breach settlement
Under the settlement with the FTC and state attorneys general, Equifax will fork over at least $575 million in civil penalties and provide credit monitoring services to consumers. Continue Reading
-
News
18 Jul 2019
Slack resets passwords possibly compromised in 2015 hack
Slack has reset passwords for 1% of users after uncovering new information regarding a 2015 hack of its systems. Continue Reading
-
News
16 Jul 2019
Experts: Facebook fine by FTC should be wake-up call for all
Facebook will reportedly be hit with a $5 billion fine by the FTC following an investigation into multiple privacy issues, and experts said other enterprises should take note. Continue Reading
-
Tip
28 May 2019
How to find an MSP to protect you from outsourcing IT risks
Check out what questions to ask MSPs to make sure they have the right security systems in place to protect your organization against outsourcing IT risks. Continue Reading
-
News
22 May 2019
Improved HR security may be why W-2 scams are down
HR's focus on better securing employee data may be working. In its annual data breach investigations report, Verizon found a dramatic decrease in the number of W-2 scam reports. Continue Reading
-
Opinion
01 May 2019
Putting cybersecurity for healthcare on solid footing
CISO Kevin Charest talks security threats he sees in the healthcare field and the means his company is using to thwart them, including HCSC's Cyber Fusion Center. Continue Reading
-
Feature
30 Apr 2019
How information sharing can reduce cybersecurity vulnerabilities
Cybersecurity vulnerabilities come from multiple fronts for modern businesses, but information sharing about real-world breaches -- good and bad -- provides valuable intelligence. Continue Reading
-
News
08 Apr 2019
Data breach legislation proposes jail time for CIO, HR execs
Sen. Elizabeth Warren takes a swing at corporate negligence in new legislation that may create jail risk for the C-suite. The bill is unlikely to advance, however. Continue Reading
-
News
25 Mar 2019
FEMA data exposure affects 2.3 million disaster victims
FEMA's data exposure is another high-profile example of accidental data disclosures -- a trend that has some security experts calling for more focus on failed security controls. Continue Reading
-
Answer
07 Feb 2019
Is there a viable breach notification tool?
A breach notification tool from Firefox Monitor and Have I Been Pwned could help consumers understand more quickly if their email or other vital information has been hacked. Continue Reading
-
Infographic
01 Feb 2019
Cutting SecOps breach response time is key to success
A new survey measures the success of security operations breach response by how long it takes to complete a three-step process to detect, understand and contain incidents. Continue Reading
-
News
29 Jan 2019
Insecure MongoDB databases expose Russian backdoor access
A security researcher found more than 2,000 exposed MongoDB databases that revealed a backdoor-access account operated by the Russian government, according to a report from ZDNet. Continue Reading
-
Podcast
10 Jan 2019
Risk & Repeat: What APT10 means for managed service providers
This week's Risk & Repeat podcast discusses how a Chinese state-sponsored threat group known as APT10 hacked into managed service providers to gain access to their clients. Continue Reading
-
News
08 Jan 2019
Marriott data breach exposed 5 million unencrypted passport numbers
Marriott's data breach affected fewer customers than the hotel giant originally estimated, but the breach exposed millions of unencrypted passport numbers. Continue Reading
-
News
04 Jan 2019
Cloud provider blames Ryuk ransomware for Christmas Eve attack
News roundup: Data Resolution claimed the Ryuk ransomware attack on its systems originated from North Korea. Plus, the EU is set to launch 14 open source bug bounties, and more. Continue Reading
-
Answer
20 Dec 2018
Ticketmaster breach: How did this card skimming attack work?
The hacking group Magecart was recently found to have run a card skimming campaign that put customer information at risk. Learn how this attack worked from Nick Lewis. Continue Reading
-
Podcast
19 Dec 2018
Risk & Repeat: Lessons from the Equifax breach report
This week's Risk & Repeat podcast looks at the U.S. House Committee on Oversight and Government Reform report on the Equifax breach and the infosec lessons to be learned from it. Continue Reading
-
News
30 Nov 2018
Marriott discloses Starwood data breach affecting 500 million guests
Marriott International admitted to a Starwood data breach that began in 2014 and affects about 500 million customers. Experts are unsure about the GDPR implications. Continue Reading
-
News
30 Nov 2018
Ponemon study shows data valuation discrepancies in enterprises
A new study from the Ponemon Institute shows enterprises are underestimating the value of their data, including critical and confidential information assets. Continue Reading
-
News
27 Nov 2018
USPS website flaw exposed data for one year
The U.S. Postal Service inadvertently exposed the data of 60 million users and has only just fixed the underlying website flaw, despite being notified of the issue one year ago. Continue Reading
-
News
20 Nov 2018
Recorded Future names Tessa88 suspect in LinkedIn, Myspace breaches
Researchers at Recorded Future identified the individual behind the notorious Tessa88 hacker handle, but it's unclear what role he played in the LinkedIn and Myspace breaches. Continue Reading
-
News
16 Nov 2018
After 2015 OPM data breach, agency failed to update security
News roundup: Three years after the OPM data breach, the agency still hasn't implemented basic security. Plus, seven new Meltdown, Spectre attacks were uncovered, and more. Continue Reading
-
News
26 Oct 2018
Settlement in Yahoo data breach leaves company to pay $50M
News roundup: The Yahoo data breach will cost the company another $50 million in a settlement deal. Plus, Check Point acquired cloud security company Dome9, and more. Continue Reading
-
Podcast
25 Oct 2018
Risk & Repeat: Facebook breach raises regulatory questions
This week's Risk & Repeat podcast discusses new developments regarding Facebook's recent data breach, as well as the social networking giant's response to the incident. Continue Reading
-
Opinion
25 Oct 2018
Quantum supremacy and the path to encryption chaos
Widespread use of quantum computing isn't as far into the future as some might think. When it arrives, this powerful computing technology could turn IT security upside down. Continue Reading
-
News
19 Oct 2018
Facebook hack the work of spammers, not foreign adversary
News roundup: The Facebook hack was the work of spammers, according to The Wall Street Journal. Plus, 35 million voter records are for sale on the dark web, and more. Continue Reading
-
Answer
09 Oct 2018
How was Google Firebase security bypassed?
Google Firebase's inadequate back-end development led to data leaks and vulnerabilities, including HospitalGown. Learn more about this security flaw from expert Michael Cobb. Continue Reading
-
News
02 Oct 2018
Facebook GDPR fate uncertain following data breach
Facebook's GDPR consequences are still up in the air following a data breach, as Irish regulators are waiting on more information before determining if the social network will face a fine. Continue Reading
-
News
21 Sep 2018
State Department data breach exposes employee info
A State Department data breach involving the agency's unclassified email system may have been due to a lack of multi-factor authentication, according to one expert. Continue Reading
-
News
20 Sep 2018
GovPayNow leak exposes 14 million records dating back six years
Experts question the security audit and government agency vetting that took place before the GovPayNow leak, which affected 14 million customer records dating back six years. Continue Reading
-
News
14 Sep 2018
British Airways data breach may be the work of Magecart
News roundup: The British Airways data breach may be the handiwork of hacking group Magecart, according to researchers. Plus, hacker Guccifer will be extradited to U.S., and more. Continue Reading
-
News
13 Sep 2018
CEO: Veeam database exposure fixed, investigation launched
Veeam co-CEO Peter McKay said there's 'no excuse' for the exposure of a marketing database and millions of email addresses. He said the company is being proactive in its response. Continue Reading
-
Podcast
12 Sep 2018
Risk & Repeat: Inside the GAO's Equifax breach report
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Government Accountability Office's report on the Equifax breach and the questions it raises. Continue Reading
-
News
31 Aug 2018
Another patched Apache Struts vulnerability exploited
News roundup: A new Apache Struts vulnerability was exploited in the wild mere days after it was patched. Plus, Facebook removes app over privacy concerns and more. Continue Reading
-
Tip
22 Aug 2018
Find network security vulnerabilities by assessing risk
IT staff needs to regularly review network security vulnerabilities and security gaps to battle rising cybersecurity breaches and keep costs under control through risk assessments. Continue Reading
-
Answer
10 Aug 2018
Facebook user data: How do malicious apps steal user data?
Malicious apps collected Facebook user data through Facebook APIs. Expert Michael Cobb explains how social networking platforms can monitor third-party apps' access to data. Continue Reading
-
Answer
08 Aug 2018
How do SDKs for ad networks cause data leaks?
SDKs made user data susceptible to security vulnerabilities in mobile apps. Expert Michael Cobb explains how this security vulnerability put user data at risk. Continue Reading
-
News
31 Jul 2018
Yale data breach discovered 10 years too late
A Yale University data breach from 2008 was only just discovered, and the school has released details on the compromised information, including Social Security numbers. Continue Reading
-
News
27 Jul 2018
LifeLock vulnerability exposed user email addresses to public
News roundup: A LifeLock vulnerability exposed the email addresses of millions of customers. Plus, Amazon's Rekognition misidentified 28 members of Congress as criminals, and more. Continue Reading
-
Answer
27 Jul 2018
Powerhammering: Can a power cable be used in air-gapped attacks?
Air-gapped computers subject to PowerHammer attack: Proof-of-concept attack enables data exfiltration through control of current flow over power cables. Continue Reading
-
News
26 Jul 2018
Ponemon: Mega breaches, data breach costs on the rise
The Ponemon Institute's '2018 Cost of a Data Breach Study' details a rise in data breaches with a look at mega breaches and why U.S. companies experience the greatest loss. Continue Reading
-
News
26 Jul 2018
ComplyRight data breach affects 662,000, gets lawsuit
ComplyRight, an HR and tax services firm, was hit with a data breach that affected 662,000 people. It has also prompted a lawsuit by a person whose data was breached. Continue Reading
-
News
29 Jun 2018
Exactis leak exposes database with 340 million records
Experts said the Exactis leak needs to be treated as a learning moment for defining identity online after the marketing firm exposed data on 230 million adults and 110 million businesses. Continue Reading
-
Answer
27 Jun 2018
What backup security measures protect against data breaches?
Backup security varies across different storage media. What works for tape-based backup may not work for disk backups, so plan your data protection strategy accordingly. Continue Reading
-
Answer
27 Jun 2018
How are air-gapped computers put at risk by the Mosquito attack?
Researchers recently discovered Mosquito -- an air-gapped attack that bites computers to put air-gapped networks at risk. Discover the logistics of this technique with Judith Myerson. Continue Reading
-
Answer
18 May 2018
How does the Terror exploit kit spread through malicious ads
Zscaler recently discovered a malvertising campaign that spreads the Terror exploit kit through malicious ads. Discover more about the threat with expert Nick Lewis. Continue Reading
-
News
17 May 2018
Securus hack exposes law enforcement customers of location tracking
Following news that it provides near real-time location data to law enforcement without warrants, a Securus hack exposed information on those law enforcement customers. Continue Reading
-
Answer
17 May 2018
SSH private keys: How do threat actors find exposed keys?
Cybersecurity vendor Wordfence reported a rise in scans for SSH private keys that are often accidentally exposed to the public. Learn how to stay protected with Nick Lewis. Continue Reading
-
Tip
17 May 2018
How security operations centers work to benefit enterprises
One key support system for enterprises is security operations centers. Expert Ernie Hayden reviews the basic SOC framework and the purposes they can serve. Continue Reading
-
News
20 Apr 2018
Another misconfigured Amazon S3 bucket exposes 48M records
News roundup: A misconfigured Amazon S3 bucket led to the exposure of 48 million records collected by a private data analytics firm. Plus, PCI SSC updated its cloud guidelines, and more. Continue Reading
-
Podcast
17 Apr 2018
Risk & Repeat: Breaking down the Verizon DBIR 2018
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the '2018 Verizon Data Breach Investigations Report' and its findings about ransomware, phishing and more. Continue Reading
-
Answer
28 Mar 2018
Zyklon malware: What Microsoft Office flaws does it exploit?
Zyklon malware targets three previously patched Microsoft Office vulnerabilities. Learn how attackers can access passwords and cryptocurrency wallet data with expert Judith Myerson. Continue Reading
-
Answer
27 Mar 2018
How can a Moxa MXview vulnerability be exploited by hackers?
A vulnerability was found in Moxa MXview -- a software used to visualize network devices and physical connections. Learn how this vulnerability can enable privilege escalation. Continue Reading
-
News
16 Mar 2018
Following Equifax data breach, executive charged with insider trading
News roundup: A CIO has been charged with insider trading after the Equifax data breach. Plus, Trump blocked Broadcom's acquisition of Qualcomm, and more. Continue Reading
-
News
06 Mar 2018
Equifax data breach affected 2.4 million more consumers
The massive Equifax data breach affected even more people. The startling total is now 147.9 million U.S. consumers who had their information stolen by hackers. Continue Reading
-
Answer
26 Feb 2018
Uber breach: How did a private GitHub repository fail Uber?
The recent Uber breach calls into question the use of code repositories. Expert Matt Pascucci explains how the breach of GitHub and Amazon Web Services occurred. Continue Reading
-
News
21 Feb 2018
Cryptojacking attacks hit enterprises' cloud servers
Cloud security vendor RedLock discovered threat actors had gained access to several enterprise cloud environments, including Tesla's, and used them for cryptojacking schemes. Continue Reading
-
News
14 Feb 2018
Equifax breach worsens, additional consumer data exposed
The Equifax breach compromised even more consumer data, including tax identification numbers, than originally reported. But the credit rating agency didn't disclose the update. Continue Reading
-
Tip
07 Feb 2018
Cloud security lessons to learn from the Uber data breach
Any organization that uses cloud services can learn something from the 2016 Uber data breach. Expert Ed Moyle explains the main takeaways from the massive breach. Continue Reading
-
News
12 Jan 2018
Fancy Bears hackers target International Olympic Committee
News roundup: The hacking group called Fancy Bears claims to have hacked the Olympics again. Plus, a former NSA contractor pleads guilty to stealing government data, and more. Continue Reading
-
News
05 Jan 2018
A DHS data breach exposed PII of over 250,000 people
News roundup: A DHS data breach exposed PII of 250,000 federal employees, as well as investigative data from 2002 to 2014. Plus, a new bill aims to nix paperless voting, and more. Continue Reading
-
News
22 Dec 2017
Cryptocurrency exchanges increasingly targeted by cyberattacks
News roundup: Cryptocurrency exchanges are folding because of targeted cyberattacks. Plus, five hackers were arrested in connection with international ransomware attacks, and more. Continue Reading
-
News
15 Dec 2017
Half of business leaders admit to hiding data breach information
News roundup: Data breach information is kept from customers 50% of the time, according to a report. Plus, the FBI director continues to preach against encryption, and more. Continue Reading
-
News
12 Dec 2017
1.4 billion stolen credentials found on dark web
A massive repository containing more than 1.4 billion stolen credentials was found on the dark web with special features for malicious actors. Continue Reading
-
News
08 Dec 2017
Hacker behind Uber data breach was paid off through bug bounty
News roundup: The man responsible for the 2016 Uber data breach is a 20-year-old from Florida. Plus, Ethiopia reportedly targeted dissidents with Israeli spyware, and more. Continue Reading
-
Podcast
07 Dec 2017
Risk & Repeat: Analyzing the accidental data breach
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the rise of accidental data breaches following a series of enterprise exposures of user data online. Continue Reading
-
News
01 Dec 2017
Proposed data breach legislation could put executives in jail
Democratic senators have proposed data breach legislation that could lead to jail time for some executives who conceal breaches and fail to disclose them to consumers. Continue Reading
-
Guide
01 Dec 2017
Cyberthreats, cyber vulnerabilities, and how to fight back
The key to countering cyberthreats today is to first understand your biggest vulnerabilities and then research the most effective countermeasures available to minimize them. Continue Reading
-
Podcast
30 Nov 2017
Risk & Repeat: Uber data breach has implications for infosec
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Uber data breach, which was concealed by company officials, and the ethics of data breach disclosure. Continue Reading
-
Tip
30 Nov 2017
Data breach litigation: What enterprises should know
Data breach litigation can be highly detrimental to an organization that just suffered a major security incident. Find out what kinds of legal action enterprises could face in the event of a data breach. Continue Reading
-
Answer
17 Nov 2017
Ransomware recovery methods: What does the NIST suggest?
Knowing what ransomware recovery methods are available is important as the threat continues to grow. Expert Judith Myerson outlines what the NIST recommends for enterprises. Continue Reading
-
News
10 Nov 2017
Following Equifax breach, CEO doesn't know if data is encrypted
News roundup: Following the massive Equifax breach, the CEO said he doesn't know if customer data is encrypted or not. Plus, flaws were found in IEEE's P1735 standard, and more. Continue Reading
-
News
20 Oct 2017
Microsoft mum on 2013 database breach of bug tracking system
News roundup: Former employees reveal a 2013 database breach exposed Microsoft's bug tracking system, DHS sets new rules for federal agencies on web, email security, and more. Continue Reading
-
Podcast
11 Oct 2017
Risk & Repeat: Scope of Equifax, Yahoo breaches expands
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the expanding scope of the Equifax and Yahoo breaches and the long-term effects of these major security incidents. Continue Reading
-
News
07 Oct 2017
NSA breach leads to theft of government spy software
An NSA contractor became the target of a cyberattack after storing agency spying software on a personal device, and this NSA breach has caused a rise in fears regarding Russia. Continue Reading
-
Opinion
02 Oct 2017
No customer data leaks? Companies look down the rabbit hole
When Yahoo finally disclosed a massive 2014 data breach to up to five hundred million affected account holders in September 2016, some already had legal representation. Continue Reading
-
E-Zine
02 Oct 2017
Growing data protection risks and how to manage them
Companies today collect more data from more sources than ever before. Often the data is distributed across on-premises environments, cloud systems and third-party networks. The network perimeter behind which most enterprise data once resided is gone, and users now have the ability to access data from anywhere and at any time via laptops, smartphones and other mobile devices. Managing these data protection risks creates unique challenges for CISOs and their security teams.
"Security must be able to protect the data wherever it is being used, viewed or saved," said Christopher Pierson, executive vice president, general counsel and CSO at Viewpost, an electronic payments and invoicing service, based in Maitland, Fla.
For organizations covered by regulations such as PCI DSS, HIPAA, the Gramm-Leach-Bliley Act and, soon, the European Union General Data Protection Regulation, the trends pose enormous compliance headaches. The distribution of data and the many ways in which it can be accessed has made handling data protection risks especially challenging.
At the same time, many companies have network-level security models that prevent their security teams from transitioning to data-level controls. In this issue of Information Security magazine, we look at data-centric security models and better ways to manage data protection risks.
Continue Reading -
News
29 Sep 2017
Deloitte hack compromised sensitive emails, client data
News roundup: During the Deloitte hack, attackers had access to client data and internal email servers. Plus, the U.S. asks China not to enforce its Cybersecurity Law, and more. Continue Reading
- 28 Sep 2017
-
Podcast
21 Sep 2017
Risk & Repeat: Equifax data breach fallout continues
In this week's Risk & Repeat podcast, SearchSecurity editors continue discussing the Equifax data breach and examine new details about an Apache Struts flaw tied to the attack. Continue Reading
-
News
13 Sep 2017
Equifax breach response deemed insufficient in multiple ways
Experts criticized the Equifax breach response as insufficient, given the size and scope of the data loss, and they said the company was likely not prepared for such an incident. Continue Reading
-
Podcast
13 Sep 2017
Risk & Repeat: Equifax data breach response called into question
In this week's Risk & Repeat podcast, SearchSecurity editors tackle the massive Equifax data breach and how the credit bureau's response to the security incident is creating more problems. Continue Reading
-
News
08 Sep 2017
Equifax breach exposes 143 million consumers' personal data
A massive Equifax breach, which was discovered in July, exposed the personal information, including names, birth dates and Social Security numbers, of 143 million Americans. Continue Reading
-
News
17 Aug 2017
NotPetya ransomware impact costs Maersk hundreds of millions
Danish shipping giant A.P. Moller-Maersk said the NotPetya ransomware attacks severely damaged business processes and the impact has been estimated at as much as $300 million in lost revenue. Continue Reading
-
Podcast
28 Jul 2017
Risk & Repeat: Why are Amazon S3 buckets spilling on the web?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the series of enterprise data leaks through misconfigured Amazon S3 buckets and what should be done about them. Continue Reading
-
Answer
25 Jul 2017
ASLR side-channel attack: How is JavaScript used to bypass protection?
Researchers have developed an ASLR Cache side-channel attack that enables them to eliminate ASLR protections. Expert Nick Lewis explains how JavaScript code is used in the attack. Continue Reading
-
News
18 Jul 2017
Another AWS data leakage due to misconfiguration
Dow Jones becomes the latest organization to be affected by an AWS cloud data leakage due to misconfiguration and user error. Continue Reading
-
E-Zine
10 Jul 2017
The best endpoint security practices are evolving and essential
Ever since the first mobile device hit the enterprise network, best endpoint security practices have been a major IT concern. What's happened since then has been a staggering proliferation of the number and types of devices on the network, complicated by increasing numbers of mobile and remote corporate employees, all of which have essentially ended the traditional idea of a corporate network security perimeter. Firewalls and other more traditional security appliances may still be in use, and rightly so, but endpoint security management is more critical than ever in keeping enterprise systems and data safe from malicious actors.
The summer Insider Edition, our Information Security magazine quarterly e-zine, looks at what's new in endpoint security management, from the best endpoint security tools to consider now, and what other efforts beyond tools infosec pros can employ to best secure all those pesky mobile endpoints wandering in and out of corporate corridors.
This Insider Edition offers expert assessments on the endpoint security technology vendors have developed to combat mutating ransomware like WannaCry -- from machine learning to multivendor partnerships to behavior analytics. Also included is an exploration of mobile endpoint security tools like application containers and app wrapping. CISOs must focus now on how the threats, and the technological advances to fight them, are changing and factor these considerations into any endpoint security strategy.
Readers will come away with a deeper understanding of the best endpoint security tools and techniques available and be able to consider the most advanced approaches available to locking down the company data and systems that endpoints can access.
Continue Reading -
Feature
10 Jul 2017
Advanced endpoint protection takes on the latest exploits
Advanced endpoint protection is arriving from all quarters -- machine learning, crafty sandboxes, behavior analytics. Learn how tech advances are being applied to endpoints. Continue Reading
-
Opinion
10 Jul 2017
Do thoughts of your least secure endpoint keep you up at night?
Some days, 'secure endpoint' feels like an oxymoron, but that soon may change. From smart sandboxes to advanced behavior analytics, learn what's new in endpoint security technologies. Continue Reading
-
Answer
19 Jun 2017
How did thousands of MongoDB databases get hijacked?
Thousands of MongoDB configurations were hijacked due to poor authentication practices. Expert Nick Lewis explains how organizations can properly configure their implementations. Continue Reading
-
Tip
15 Jun 2017
Information privacy and security requires a balancing act
Maintaining information privacy and security seem to be separate challenges, but in reality, each is integral to the other. Expert Kevin Beaver explains how to work toward both. Continue Reading
-
Feature
23 May 2017
Learn what breach detection system is best for your network
Breach detection systems are essential in these days of machine learning and artificial intellingence. Learn how to identify the features and functions your network needs. Continue Reading
-
News
21 Mar 2017
FBI investigating Trump campaign ties to Russia, DNC breach
FBI Director James Comey confirmed the bureau is investigating the Trump campaign's ties to the Russian government and election cyberattacks such as the DNC breach. Continue Reading
-
Podcast
03 Mar 2017
Risk & Repeat: Cloudflare bug poses incident response challenges
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the recent Cloudflare bug that leaked an undetermined amount of customer data over several months. Continue Reading
-
News
03 Mar 2017
Cloudflare security team calms fears over Cloudbleed bug
Cloudflare security researchers continue investigations as CEO calms fears over potential exposure of sensitive personal data by the Cloudbleed bug, though doubts remain. Continue Reading
-
News
02 Mar 2017
Employees knew about Yahoo security breach years ago, per new SEC filing
A new SEC filing details who knew about the major Yahoo security breach in 2014, but experts are confused by the repercussions of the announcement. Continue Reading
-
News
24 Feb 2017
Project Zero discovers Cloudflare bug leaking sensitive customer data
The Cloudflare bug in CDN is fixed after causing sensitive customer data to leak. Google Project Zero discovered the flaw, and users were warned to change passwords. Continue Reading
-
Answer
10 Feb 2017
What caused the ClixSense privacy breach that exposed user data?
A privacy breach at ClixSense led to user account details being put up for sale. Expert Michael Cobb explains how companies should be held accountable for their security practices. Continue Reading
