American Express Insider Case: When Access Turns Personal
In this case review, we examine the American Express insider case and why access controls matter in finance.
24.06
Blog
Record $409M Coupang Fine and School Insider Incident
In this weekly digest, we review a record Coupang fine and a school insider attack that disrupted operations.
17.06
Blog
Vishing Attack Exposes E-Learning Platform Data
In this weekly digest, we explore how a vishing attack exposed e-learning data and how DLP helps reduce risks.
10.06
Blog
(In)Secure Digest: Teen BEC Scammers, GitHub Token Leak, Costly Match
Teen BEC scammers, a GitHub token leak, costly romance fraud, and data breaches in this month’s digest.
03.06
Blog
Morocco Civil Records Claim and Carnival 6M Customer Data Leak
In this digest overview: Morocco civil records leak claim and Carnival data breach affecting millions.
03.06
Blog
Mopas and 7-Eleven Data Breaches Expose Retail Cyber Risks
In this weekly roundup: Mopas and 7-Eleven breaches reveal growing cyber risks for retailers.
27.05
Blog
Cyber Incidents Pile Up: Senegal Treasury, Best Western, UAE Threats
In this weekly digest, we cover cyber incidents in Senegal, Best Western’s guest data breach, and rising AI threats in the UAE.
20.05
Blog
Škoda Online Store Breach, Vimeo Hit via Third-Party Provider
In this weekly cybersecurity roundup: Škoda and Vimeo disclose major customer data security incidents.
13.05
Blog
(In)Secure Digest: Booking.com Hack, McKinsey AI Leak and BEC Fraud
AI agents, insider threats and major breaches: last month’s biggest cybersecurity incidents.
12.05
Blog
Post-Incident Communication: English Time & Kraken Data Breaches
In this weekly roundup of data breaches, English Time and Kraken reveal key lessons in cyber risk and response.
23.04
Blog
Massive Data Leak Hits Moroccan Students: 400K Student Records Affected
In this weekly digest of cybersecurity news: Morocco faces a massive student data leak affecting 400K records.
15.04
Blog
Insider Extortion & AI Phishing: Latest Cyber Incidents
This week in cybersecurity: insider extortion and AI phishing attacks are rapidly escalating worldwide.
08.04
Blog
Navia Breach Hits 2.7M as Healthcare Cyber Incidents Surge
In this weekly digest: top industry trends, tech updates, and key insights shaping the business landscape.
01.04
Blog
(In)Secure Digest – If InfoSec Had a “Darwin Award” – 2026
Insider leaks, AI missteps, and costly breaches – April’s most absurd cybersecurity incidents explained.
31.03
Blog
Turkish Restaurant Chain Data Leak & Bahrain Hospital Cyberattack
This week we explore cyberattacks on a Turkish restaurant chain and a Bahrain hospital breach.
25.03
Blog
Saudi banks WhatsApp ban cybersecurity banking regulations DLP
In this roundup we explore Saudi banks banning WhatsApp to improve security and prevent fraud risks.
18.03
Blog
Insider Data Leak in Turkish Finance Sector
In this weekly roundup, we examine the insider data leak at Garanti Finansal Kiralama reported by KVKK.
11.03
Blog
(In)Secure Digest: $40M Crypto Theft, Cloud Leaks, and Multi-Million Breaches
$40M crypto theft, cloud leaks, insider fraud, and phishing attacks – key cybersecurity incidents from last month.
04.03
Blog
From ADFW Leak to WGS Attacks: UAE's Cyber Contrast
This week: 700 IDs leaked at Abu Dhabi’s finance forum, 90,000 attacks repelled in Dubai.
03.03
Blog
Attack on an Airline and a Hidden Threat to Côte d'Ivoire’s Financial Sector
This week’s overview explores the cyberattack on Air Côte d'Ivoire and a critical malware threat to the country’s banks.
25.02
Blog
A New Era of Information Security in Oman: The PDPL Enters into Full Force
In this weekly roundup we cover Oman PDPL enforcement and what it means for data security compliance.
18.02
Blog
When DLP Falls Short:
Key Capabilities of an Effective DLP Solution
Key Capabilities of an Effective DLP Solution
Key capabilities every modern DLP solution needs to prevent data leaks and close security gaps.
13.02
Blog
Recent Data Breach Incidents Affected Nearly 500,000 People in Turkey
Two major cyberattacks in Turkey exposed 500,000 records and triggered massive financial and reputational damage.
11.02
Blog
Google Engineer: Trusted Access, Stolen Secrets
This weekly digest examines how a trusted Google engineer stole AI secrets using everyday cloud tools.
04.02
Blog
Why Investigative Capabilities Matter in DLP Systems
DLP can expose fraud, sabotage, and insider schemes if it can investigate, not just block.
03.02
Blog
(In)Secure Digest: Google AI Leak, Robin Hoods vs Ubisoft, Samsung Misstep
Insider-driven data leaks, fraud, and security failures: key information security incidents from January.
03.02
Blog
How to Choose a DLP Solution That Truly Reduces Costs
Learn how to choose a DLP solution that lowers total cost of ownership without compromising data security.
28.01
Blog
KVKK 2026 Updates: What Turkish Businesses Must Know
KVKK 2026 brings higher fines, stricter enforcement, and new rules for data breach announcements in Turkey.
28.01
Blog
Data Protection and Enforcement in Kenya: Real Fines, Real Risks
This week’s overview highlights Kenya’s data protection enforcement, with real fines and accountability for violations.
21.01
Blog
ID Copies in Turkish Hotels: To Keep or Not to Keep?
This weekly roundup reviews a Turkish Data Protection Authority decision banning hotels from storing photocopies of guest IDs.
14.01
Blog
How Employee Dismissal Could Go South
This weekly roundup reviews a court case showing how employee misconduct claims affect data security.
24.12
Blog
(In)Secure Digest – NY Edition: Brewery Shutdown, Insider Scams, AI Risks
A New Year cybersecurity digest on insider scams, ransomware shutdowns, AI fraud, and real-world security failures.
23.12
Blog
A USB Drive Was All It Took
This weekly digest examines how a simple USB drive enabled an insider data leak and exposed critical security gaps.
17.12
Blog
Why Cheap DLP Becomes Costly: How to Avoid an Expensive Mistake
Why cheap DLP often becomes an expensive mistake — and how to choose a solution that truly saves money in the long run.
09.12
Blog
How to Test Your DLP Solution to Ensure It Doesn’t Become a Disappointment
How to properly test a DLP solution to ensure it meets your needs and delivers reliable, effective data protection.
09.12
Blog
Coupang Data Breach: Insider Incident Hit Half of Korea’s Population
This weekly digest covers Coupang’s insider breach that exposed 33.7M users through a long-valid token.
09.12
Blog
Training Employees in Information Security – What to Focus On
How to design an information security training program that reduces human-factor risks and strengthens digital hygiene.
09.12
Blog
(In)Secure Digest: Masterful BEC Scam, Preschool Chaos, Crypto Mining Scheme
This month’s (In)Secure Digest highlights November’s most notable insider threats, breaches, scams, and security incidents.
03.12
Blog
From TSMC to Intel: Trade Secret Theft or Career Growth?
In this weekly digest we examine how a former TSMC executive allegedly leaked chip technology before joining Intel.
03.12
Blog
Inside the NetApp Insider Scandal
This weekly roundup examines the NetApp insider scandal and how DLP tools help prevent intellectual property theft.
27.11
Blog
ANKA Leak Highlights Africa’s Cyber Fragility
This weekly digest covers the ANKA breach exposing 537,000+ user records and Africa’s growing cyber risks.
19.11
Blog
Intel Insider Incident Exposes Security Gaps
In this weekly roundup a fired Intel engineer steals 18K files, revealing insider risks and data protection flaws.
12.11
Blog
Massive Data Breach at Doha British School
This week’s digest covers Doha British School’s alleged 481 GB data leak and a major Qatar cyberattack.
07.11
Blog
(In)Secure Digest – Halloween Edition: Frightful Acts and Fatal Errors
Frightfully careless staff, cunning hackers, and AI scams — explore true insider threat stories in our Halloween Digest.
31.10
Blog
Data Leaks Risks: From Airlines to NGOs
This week’s digest highlights Air Arabia’s ransomware leak and Gerar’s massive data breach in Brazil.
29.10
Blog
Conspiracy in Nigerian Bank and Data Breaches in Turkey
This week: Insider threats surge as Wema Bank and Turkish breaches expose rising global cybersecurity risks.
22.10
Blog
Vietnam Airlines and Avnet Disclose Major Cybersecurity Breaches
This week’s digest covers data leaks at Vietnam Airlines and Avnet's encrypted data theft.
16.10
Blog
Africa’s Cyber Wake-Up Call
This week, hackers targeted Senegal, prompting increased security, while Algeria also boosted its defenses.
09.10
Blog
Ransomware Gangs Target Insiders, while Thailand secures AI usage
In this weekly roundup: ransom gangs target insiders; Bank of Thailand releases new AI data protection rules.
02.10
Blog
National Cyber Security Strategy for the UAE was published
The UAE Cyber Security Council released the National Cyber Security Strategy 2025–2031.
24.09
Blog
Vietnam & Morocco: Cyberattacks Target National Databases
This week’s digest covers two data incidents: Vietnam’s theft of 160 million records and Morocco’s $4M cybersecurity upgrade.
17.09
Blog
Massive Data Leak Exposes Millions Worldwide
Researchers uncovered 250M+ records exposed in Brazil and UAE and Nigeria’s breach compromised 500K+ business users.
10.09
Blog
Data Breaches in Turkey & Enforcement Push in Nigeria
This week's roundup highlights personal data leaks in Turkey and Nigeria's investigation of over 1,300 organizations.
04.09
Blog
(In)Secure Digest: Pokémon Gold, Outsourced Fraud & McDonald's Security Gaps
August highlighted insider threats, legal actions, and FBI busts, emphasizing ongoing data security issues.
02.09
Blog
Massive AI Data Leak & Apple Trade Secret Theft
This weekly update covers the data leak involving Grok AI users and Apple's lawsuit against an ex-employee over trade secrets.
27.08
Blog
PayPal Breach Rumors and Kenya Banking Fines
A massive PayPal data breach potential and recent fines for Kenyan banks highlight ongoing data protection challenges.
20.08
Blog
(In)Secure Digest: A Surge of Insiders, Leaks, and Lazy Schemes
A gripping July roundup of real-world infosec fails – featuring insider betrayals, crypto theft, and rogue admins on a mission.
04.08
Blog
Data Protection: Lessons from UAE and Uganda
This week’s digest covers insider threat risks in Abu Dhabi and Uganda’s first legal prosecution under its privacy law.
30.07
Blog
Louis Vuitton and Rezayat Group: Data Breaches with Global Aftermath
This week’s roundup highlights data breaches affecting Louis Vuitton customers' data and partner details of Saudi Rezayat Group.
23.07
Blog
Data breaches in Saudi Arabia & Tunisia
Criminals have breached the Tatweer Buildings Company in Saudi Arabia and the national university network in Tunisia. The Dubai Police, Gulf Bank of Kuwait, and the Nigeria Data Protection Commission have been acting to address security challenges.
16.07
Blog
Supply Chain Attacks are New Trend
This week, a credential theft in Brazil stole $140 million, and Ingram Micro faced a cyberattack causing revenue loss.
09.07
Blog
(In)Secure Digest: Grandma Hacker, Fake Tech Support Scams, Credential Gold Rush
In July edition, we highlight persistent African extortionists, a ransomware attack that erased a century of history, and more.
02.07
Blog
Vietnam passes Personal Data Protection Law
The Vietnamese government continues to revise legislation on data and data protection as a response to the escalation of security threats.
02.07
Blog
Criminals target KSA and Turkey
The Turkish KVKK, the Personal Data Protection Authority, has released four official statements on recent data breaches.
25.06
Blog
Vietnam: Major Attacks & Changes to Personal Data Protection Law
Vietnam addresses recent sector attacks, supports local businesses, and discusses a new Personal Data Protection Law.
18.06
Blog
Major Data Breaches in the UAE and Morocco
This weekly update covers a healthcare data breach in the UAE and sensitive data exposure in two Moroccan companies.
11.06
Blog
Jordan, UAE & Türkiye Customers are Exposed by Third-Party Breaches
Data leaks occurred in Jordan's finance and UAE's healthcare sectors, along with info exposure in Türkiye and South Africa.
02.06
Blog
(In)Secure Digest: Greedbags in Coinbase, Hidden AI Secrets, Intel Karma
We welcome summer by highlighting a traditional selection of information security incidents, involving insiders and beyond.
02.06
Blog
Smoke & Mirrors? Three Data Breaches in the UAE
In this weekly update, we will reveal details regarding three incidents that occurred in the UAE.
28.05
Blog
DLP for data leak investigation: how to make it a universal data protector?
Overview of the functionality to be added to the system, compiled by a SearchInform client who wished to remain anonymous.
27.05
Blog
Leakers strike again. Bribe of Coinbase Staff & Mistake in Nigeria
This weekly digest covers two security incidents: a major data breach at Coinbase and a human error in Nigeria.
21.05
Blog
The KSA Announces Changes to Data Protection Laws
Big news is coming from the Kingdom of Saudi Arabia. The Saudi Data and Artificial Intelligence Authority (SDAIA) started public discussion on two draft documents in the field of data protection.
14.05
Blog
(In)Secure Digest: Evil Exes, Malicious Microsoft Bug Hunter, 4chan Hack
It's time to share the security incidents that caught our attention last month. In this overview: a white hat hacker confesses to ChatGPT, MrBeast’s employee films his own reality show, contractors steal tickets from Taylor Swift fans, and other incidents.
12.05
Blog
Major Data Breach in India. Kenya, Thailand & Singapore Staying Vigilant
In this week’s round-up of information security events, we examine a data breach in India and the activities of data regulators around the globe.
23.04
Blog
African news: Major data breaches strike in Morocco and South Africa
In this weekly Digest: information secuirty news, updates on previous data leaks and regulators activities from Africa.
17.04
Blog
Confirmed Data Breaches from Turkey and Thailand
In today's overview: three data breaches in Turkey confirmed by KVKK and one of the largest data leaks in Thai history.
10.04
Blog
Oracle Data Leak: Smoke without Fire? Togo & Kenya Enhance Security
In this roundup: Сontradictions behind alleged data theft from Oracle; African states actively pursue data security.
02.04
Blog
(In)Secure Digest: If there were a Darwin Award for Information Security
In our April overview, we highlight the funniest and the most ridiculous information security incidents from the last month.
01.04
Blog
Round-up of Regulatory Events in Vietnam, Nigeria, Ivory Coast, & Kenya
African governments and regulators are actively working to protect data. Vietnam issued a new draft of the Law on Data.
26.03
Blog
IS News: Data Breach in SA, Nigeria & Kenya on Guard of Data Rights
In this overview, you will find details on data leak in South Africa and data protection lawsuits.
19.03
Blog
UAE in the Spotlight. Data Breaches & Cybersecurity Strategy
We received a lot of exciting news from the UAE over the past week. Criminals exposed information about Emirati citizens' brokerage accounts and Wizz Air Abu Dhabi, an airline. The Cyber Security Council has unveiled 5 pillars of the National Cybersecurity Strategy. What will be the point of UEA’s cybersecurity attention in the upcoming years? Let’s dive in!
12.03
Blog
Major Data Breach Precedents & Saudi Arabia’s Data Guidelines
The AI-powered tool again became the source of the data breach.
06.03
Blog
(In)Secure Digest: Hacker-Insider Combo, DeepSeek Wide Open, Gracious Apple
It's time to find out what happened in the field of information security in January. In this Digest, you’ll find the most notable data breaches from the last month.
04.03
Blog
Grand Finale for Samsung Insider & Rumored Data Breaches in KSA
As February wraps up, we got news about the culmination of a major insider leak in South Korea and hints about several rumored data breaches in the Kingdom of Saudi Arabia. Let’s dive in!
27.02
Blog
Two Major Data Incidents and New Cybersecurity Strategy for UAE
Last week was eventful for cybersecurity. A huge data leak happened in a Brazilian bank; records about 30 million clients were exposed. The AI platform leaked personal information and chat history, including sensitive documents. In order to address cybersecurity issues, the UAE launched the National Cybersecurity Strategy.
18.02
Blog
Series of Data Leaks in Turkey, CAT’s Data is Stolen in Brazil
In this overview you’ll find details on the following incidents: two Turkish universities experienced personal data breach, while energy holding lost its data; personal details and information about legal bodies was exposed as a result of data leak in Brazil.
11.02
Blog
First Data Leak from DeepSeek and Potential Insider Involvement in Kenya
Chinese AI DeepSeek keeps everyone’s attention-news about a data leak was as loud as its release. Over a million log lines became accessible; the breach also enabled privilege escalation. Simultaneously, Kenya’s governmental body leaked over 2 million records. Without many words, let’s dive in!
05.02
Blog
(In)Secure Digest: FortiGate leak, Google phishing Ads, Trojan gadgets
It's time to find out what happened in the field of information security in January. In this Digest, you’ll find the most notable data breaches from the last month.
31.01
Blog
Golden Classics of Data Breaches and Increased Fines
In this weekly digest, we will look at two different incidents. They have something in common—both of them could be put in an information security textbook. Wrong addressee for email and gap in cloud storage security rules. At the same time, Turkey raised fines for data protection for 2025.
29.01
Blog
Data Breach of Tech Giant and Publication of Draft Data Protection Rules
Recently it became known that valuable data was stolen from Hewlett Packard Enterprise, examination results were leaked in South Africa, while a draft of key data protection law was published in India. Learn more about these events in this weekly digest.
22.01
Blog
ICAO and South African Companies Fell Victim to Data Related Incidents
The beginning of the new year was marked by a bunch of major information security incidents. Let’s dive into the incidents, which happened with the International Civil Aviation Organization and South Africa Govchain and Cell C companies.
16.01
Blog
(In)Secure Digest: 2024’s Internal Fumbles
With 2024 drawing to a close, we have rounded up some of the year’s eye-catching incidents where internal factors stole the spotlight. From mishaps to true malice of insiders, these stories have it all. Take a moment to read and see what lessons can be learned!
24.12
Blog
Namibia is under Attack, Kenya Bolsters Data Protection Laws
Namibia is affected by a big data breach, including contractual records and personal data of high-ranking officials, while neighboring Kenya enhances its own Data Protection Act.
18.12
Blog
Central Bank of Brazil exposed sensitive information
The Central Bank of Brazil reported that a data leak occurred on the 4th of December. According to the statement made by the Central Bank, the incident is a result of operational error during publishing the survey results.
12.12
Blog
Round-Up of Severe Data Leaks in Asia
In this weekly review of data security incidents, you will find details on the alleged theft of identity cards data in Malaysia and an incident with the cloud storage provider in Hong Kong.
12.12
Blog
Troves of Personal Data Were Exposed, While Regulators Work on Protection
In this weekly overview of major security incidents, you will learn about a several cases, which lead to exposure of hundreds of GB of confidential data.
04.12
Blog
(In)Secure Digest: Baguettes' Thief, Disney Sabotage, Credentials' Waterfall
It's time to review November's most noticeable and high-profile information security incidents. In this digest, you’ll find: a multi-million-dollar scam by a former top manager, a “cyber-poisoner” at Disney World, echoes of the MOVEit hack at Amazon and others.
03.12
Blog
Algeria Faces 70M Attacks While Tesla Breach Turns Out False
As November wraps up, headlines tell of cybercriminals targeting Algeria and a recent data breach mistakenly linked to Tesla. Let’s explore the details.
27.11
Blog
Social Media in the Crosshairs
In this digest, we are breaking down how Twitch and Facebook failed in data protection and what these incidents led to.
19.11
Blog
Africa’s Security Landscape: Kenya Rises, Nigeria Struggles, SA loses data
This week’s digest is packed with news from Africa. Let’s explore how the continent is battling with cybersecurity problems.
13.11
Blog
(In) Secure Digest Halloween Edition: What Spooked IS Specialists in October
The Halloween agenda includes a million-dollar scam, a hacker offended by non-recognition of merit, and frighteningly frequent attacks on the game industry representatives.
UAE’s AI Investments & LinkedIn’s GDPR Fine
The last IS news roundup of October is here for you—let’s dive in!
30.10
Blog
The New Portion of Insider Incidents: Cases of Remote Employee and CISO
In this incident roundup, we are exploring two cases of customer data leakage with insiders being accused of security rules violation.
The Pokémon Developer and Well-known Electronic Device Manufacturer are Facing Data Leaks
In today's roundup, we'll discuss how unauthorized access to Game Freak's servers and a ransomware attack on Casio resulted in the leak of a trove of confidential personal and corporate data.
Qatar’s Data Breach Fine & Kenya’s Move Toward Digital Inclusion
In this week’s new roundup, we are exploring the details of the data breach that occurred in Qatar and how Africa is making its way to digital safety.
09.10
Blog
(In) Secure Digest: Cyberattack on Dell, Fortinet Cloud Leak, Blackmailing Employee
A roundup of high-profile IS incidents that occurred or came to light last month is here. During September, we witnessed attacks on IS vendors and the leaking of data on millions of Americans.
UAE Warns Residents About Cyber Traps
Today we will talk about the UAE authorities' warnings regarding malicious advertising and... sharing secrets with ChatGPT.
Data Watchdog Fines Nigerian Banks for Compromising Data
In this review, we examine how Nigerian banks are getting slammed with fines for noncompliance with regulatory requirements.
02.10
Blog
Indonesia’s ID Leak & Link Between Layoffs and Data Breaches
Today, we are here with updates on a data breach investigation from Indonesia and news of an extremely interesting study on the correlation between mass layoffs and increasing data breaches.
From Cyber Stars to Data Scars: Africa's Top Cybersecurity Role Models Shine as Cameroon Faces Major Data Breach
This week’s IS news roundup comes from Africa. Let’s delve into the Global Cybersecurity Index report and see where African countries rank on it, and explore the details of a serious data breach in Cameroon.
Slim CD Breach and Turkish Ministry Data Leak
Here’s the first news roundup of the autumn, where we explore the details of the Slim CD data breach and provide updates on the Turkish Ministry of Health information leak during the pandemic.
(In) Secure Digest: Netflix Leak, McDonald's Scammers, Rodents vs.Tokens
In this review: a nightmare for League of Legends fans, the largest leak in US history, and another Microsoft outage.
04.09
Blog
Data Security Failures of the Week
In today’s IS news roundup, we will explore the details of the FlightAware and Enzo Biochem cases.
20.08
Blog
Another Day, Another Leak
The past week brought various news about severe data breaches. In this digest, we look at the details of the most significant cases.
15.08
Blog
Malaysia's Information Security Boost and the UK's $9.6 Million Data Blunder
Today we will explore Malaysia’s significant step towards mitigating data leaks and the consequences of a 2022 ransomware attack on a British IT company.
(In) Secure Digest: Stolen Shib Coins, the Disney Villian, and the Leak of Millions of Americans' Data
In this edition: the latest twist in the Snowflake saga, the adventures of robots.txt, and the case of meme-coin theft.
Rising Breach Costs, AI’s Double-Edged Sword, and HealthEquity’s Data Drama
In the last IS news roundup for July, we cover the key findings of IBM and Ponemon's Cost of a Data Breach Report 2024 and share details of the HealthEquity case.
A Turbulent Week for Tech and Travelers
This week's news roundup might not be the most uplifting for those planning a trip. However, it is important to dive deeper into the recent events to ensure you are well-informed before you head to the seaside.
Lulu Data Breach & SOC Future Study
In this week’s digest we are to explore the details of the recent data breach in a major retail company and the key takeaways of the research on SOC future.
17.07
Blog
Roblox Incident & Security Pros’ Fears
Today we are going to talk about the details of the Roblox data breach and the main outcomes of a recent cybersecurity professionals survey.
Why Data Theft Can't be Tolerated – Yet Still it Happens
It’s impossible to completely exclude the possibility of data theft, given the speed with which technology is developing and the volumes of assets going digital. However, the risks can be mitigated.
05.07
Blog
Insurance Market Shake-Up & Digital Diary Breach
In this week's IS digest, we will delve deeper into the news about a recent incident and explore the outcomes of new research.
(In) Secure Digest: Wiped Out Servers, Phish in Sales, and Summer Leak Season
In our June review, we look at recent information security incidents reported in the media during the first month of summer.
01.07
Blog
Cybersecurity Remains a Top Concern as Professionals Face Burnout
The present news digest explores the main findings of recent research on burnout among cybersecurity experts and the state of smart manufacturing in the automotive industry.
Beware of Fakes and Exes
This week’s news digest is about how fired and fake employees can cause disasters.
Check Out Your Password
In our latest cyber news review, we are going to share with you the key takeaways from recent studies on password management habits and ATO attacks.
Cybersecurity Challenges Revealed by New Research & the Epsilon Case Completion
In this week’s cyber news review, we are going to delve deeper into the recent CDW research findings and the Epsilon case updates.
(In) Secure Digest: IS specialist changing team, biometrics theft by aggrieved contractors and electronic signature platform hack
We have compiled a monthly roundup of high-profile IS incidents that were reported in May.
A Bunch of Fines for Serious Breaches
In this overview we are reporting on two recent major data leaks, which resulted into loss of troves of data and significant penalties by regulatory authorities.
30.05
Blog
April 2024 Breaks Data Breach Records
In the text below, we will take a closer look at a couple of the recent cyber incidents.
16.05
Blog
(In) Secure Digest: the Unprotected Server, the Marine Data Leak and a Supply Chain Attack
In May's edition, we'll reveal: the case of an unscrupulous medical company; accidental data leak caused by the SaaS vendor; consequences of the India's largest electronics manufacturer negligence.
(In) Secure Digest: if There was Darwin Awards in 2024
In April, we traditionally ask our Leading Analyst Sergio Bertoni to share his selection of funny, ridiculous and silly IS incidents.
How to Select Data Security Solution and not Fall for Marketing
With information security threats on the rise, vendors release a slew of data protection solutions. Sergio Bertoni, Lead Analyst at SearchInform suggests following 4 steps to choose the one easily and avoid mistake.
(In)Secure Digest: Mega Leaks, Deepfakes Calls and Ransomware Attack
In our traditional monthly digest, we've gathered a bunch of recent information security incidents.
8 Dangerous Employees’ Actions Which Endanger Corporate Security
Sergio Bertoni, the Senior analyst at SearchInform reveals typical mistakes basing on the real life stories.
(In) Secure Post New Year Digest: a Surprise Email, an Accidental Leak, Work on Mistakes
The time has come to reveal, what happened while we were on New Year's holidays.
01.02
Blog
Travel Agency and COVID-19 Testing Platform Exposed Client Data
In this article you’ll find details on two notifiable information security incidents.
19.01
Blog
(In) Secure Digest The New Year Edition: Stolen Code, DNA leaks and Safe Data Leak
In the final digest of 2023, we’ll tell about stealing corporate secrets, putative labourers, genetic information leaks and very vindictive employees.
Information Security Trends 2024
Sergio Bertoni, Lead Analyst at SearchInform, shares his thoughts and predictions on the key trends in information security for the year 2024.
Unexpected Findings With the Help of FileAuditor Part 2
The second task of the self-test was to check whether user access rights were distributed appropriately and eliminate violations (in case of detection).
Unexpected Findings With the Help of DCAP Solution, or how did we Performed Audit of our File System Part 1
Today we decided to reveal a few illustrative cases of how we performed audit of our own file storages and share that the statistics, provided by clients, isn’t an exaggeration.
Two Recent Information Security Incidents Resulted Into Exposure of Customer Data
Here's another roundup of the latest information security incidents you need to know about today.
Methods of Enhancing Users' IS Literacy: What is the Safest Password?
In this article, we share our experiences and advice on how to enhance employees’ IS-related competencies.
Popular Messenger Users’ Data Leaked and Students' Personal Information Exposed
It's time for us to once again report on two recent notable data leaks again.
Connected Devices Remain the Most Popular Data Leakage Channel
SearchInform together with its partner NEXTA ÇÖZÜM surveyed representatives of 100 Turkish leading companies to find out how their experts ensure data leaks protection, whether they are planning to increase data security budgets and what data channels their security officers consider the riskiest.
(In)Secure Digest: The Case of Classic Phishing Attack, Scammers Among the Team and the Dangerous Vulnerability
In this November digest we gathered interesting and illustrative incidents related to data leaks, fraud and hacks.
Online Casino Leaked Data and Marketing Agency Fined for Last Year's Incident
Today we report on two more recent information security incidents.
Ways to Ensure Children’s Safety on the Internet: Cybersecurity Experts’ Views and Advice
On the occasion of World Children’s Day, we share an article, containing recommendations and a few tools, which can help to protect children from inappropriate content on the Internet.
Deepfake Science Basics: How are They Created and how to Detect Them
Alex Drozd, CISO of SeachInform, sheds light on deepfakes and how they are created.
Exposure of Data on Popular Singapore Hotel Group Clients and French Torrent Tracker Users’ Personal Details Compromise
Today we invite you to examine two recent major data leaks, exposing the details on hundreds of thousands of individuals.
(In)Secure Digest: a Leak via Contractor, Hack of Airline and Case of Corporate Fraud
At the end of the month, traditionally, we’ve gathered a selection of high-profile IS incidents.
Casio and Redcliffe Labs Data Leaks Expose Customer Information
Today, let's examine the incidents those resulted in the disclosure of customer information at two large companies.
Which Aspects of Information Security it’s Crucial to Address for SMEs?
Learn more about the methods of cyber-attacks that SMEs owners should be aware of.
Film Festival Website Leak and Data Theft by Former Employee
Once again, we've rounded up two information security incidents worth knowing about with a short report to keep you informed.
Cyber Attack Detection: What are the Risks of Delay in the Detection and Response and how to Speed up the Attack Discovery Process?
Read the article to find out how to detect a cyber attack just in time and what are the best practices are for detecting cyber attacks.
Tax Details of the Wealthiest Americans Leaked and Billions of Passwords Exposed
We've rounded up two data leakages in the new report on recent data related incidents.
(In)Secure Digest: Pizza Lovers' Data Theft, a Million-dollar Fine and Aircraft Suppliers’ Data Leak
It's time for the traditional monthly review of "classic" and non-trivial IS incidents reported by the media.
A Case in Point: You’ve got Mail
Recently, it was the birthday of electronic mail. To celebrate the occasion, we would like to share the case study from our practice that involves email.
Not all the DLP Solutions are Equally Useful: How to Choose the System and not be Disappointed
In this article we will examine, DLP class systems reproaches are fair and which ones are unfair and will reveal, which limitations are typical for all DLP systems and which are in fact disadvantages of some specific products.
E-mail Compromise: How to Protect Business Against BEC-attacks
The senior analyst at SearchInform, Sergio Bertoni reveals, why BEC attacks are so popular and how to protect against them.
27.09
Blog
38TB Private Data Leak and $9,000 Fine for 7 Years of Customer Data Exposure
In a new roundup of recent information security incidents, we examine two more cases of inadvertent disclosure of private information.
How to Train Employees in Information Security Related Issues Efficiently
In this article, Sergio Luis Bertoni, Leading Analyst at SearchInform will share my observations, based on the practical experience in the sphere of educational courses development.
A Case in Point: Set a Search Rule to Catch a Thief
It's time to present a compelling case study that underscores the criticality of maintaining comprehensive visibility into your organization's file system.
15.09
Blog
Ransom Demand for Human Error and Two-year Data Leakage
Today we will examine two recent instances of data disclosure, both of which, as is often the case, have resulted in serious financial and reputational losses for the companies involved.
Leaked personal data of more than 500,000 employees and an unprotected 4GB database
Today you will learn about the data leak of over 500,000 employees from a major clothing retailer and the 4GB open database from a popular digital publisher.
(In)Secure digest: “shadowy” Amazon, de-anonymization of Northern Ireland police officers and pseudo-hackers
In our traditional (in)Secure digest we’ve gathered news on the recent leaks.
Two recent incidents involving inadvertent personal data exposure
In our new report on recent information security incidents, we examine two cases of inadvertent disclosure of personal data.
Two recent insider incidents: Tesla and Jefferson Health affected
It's time for another roundup of recent information security incidents. Today we're going to reveal details of the Tesla insider incident and the alleged patient data compromise at Jefferson Health.
SearchInform SIEM system – out-of-the box analytics and proactive incident management
Employees in charge of numerous organizations worldwide tend to understand the necessity to implement a SIEM class solution, which detects security events within the digital infrastructure.
The revenge of a bank employee and a fine of 74,400 dollars for a human error
Today, we're going to examine two recent data leak incidents caused by employees.
The number of victims of the MOVEit vulnerability continues to grow: two recent major data leakages
Today, we are going to report on two recent data leakages caused by the well-known MOVEit Transfer attack.
Bunch of new personal data leak incidents: police officers and hospital patients affected
In this report we reveal details on the recent major data related incidents: exposure of hospital patients’ and police officers’ personal data.
Major data leak incident resulted into exposure of Students, Teachers, and School Staff members’ personal Information in the United States, the Caribbean and Latin America
Today we're examining an alarming incident that resulted into exposure of over 680,000 records.
(In)Secure Digest: a patented data leak, Bangladeshi open register and water treatment plant hack
The time has come to find out if July was full with information security incidents. In our traditional digest we've gathered the most memorable incidents.
A case in point: The thirst for revenge
Over the years of working, we have collected a large number of interesting cases. Some of them are amusing, some of them are surprising, but most of them has prevented serious losses for our clients. So, we figured: Why not share them with you?
Sabotage of a water treatment facility: a former employee endangered the health of thousands of people
We often report on incidents involving former employees. This time it is an incident that could have had serious consequences not only for the company itself but also for a large number of people.
Exposure of 61,000 private addresses and one more email error
This week we will look at two incidents that have affected thousands of people by exposing their personal information.
Human Vulnerabilities in Cyber Security
As technology continues to advance, one persistent problem remains: the vulnerability of humans to cyberattacks.
(In)Secure Digest: theft of national secrets, a rogue VPN, and a fine for security guards' curiosity
Here's our monthly roundup of noteworthy information security incidents from June.
Implementation department specialists' workdays: millions of questions and the requirement to know literally everything
Implementation department employees can help customers to quickly manage to work with our solutions and benefit as much as possible from the software usage.
MSSP vs MDR
MSSP vs MDR: what should you choose? This article will help you understand which one suits to your business needs better.
Inadvertent disclosure of personal information
The Public Appointments Service accidentally leaked the personal data of 15,471 candidates for public jobs.
Risks of neural networks and chat bots usage
SearchInform expert reveals artificial intelligence usage related risks and shares advice on how to mitigate them.
One more victim of MOVEit application vulnerability and exposure of data on 260,000 car owners
Learn more about two recent data incidents, which affected Toyota and Prudential subsidiaries' clients.
15.06
Blog
Major data incidents and large penalty for data privacy violation
Learn more about a few recent major data related incidents.
How to put on a vacation
We implement a few strategies to ensure secure access and help employees not to forget all the IS rules while they're on the road. Let's have a look at the checklist and find out, how we do it.
(In)secure digest: data leaks with mileage, refuse to use AI and hack of an account
The time has come for our traditional gather of so-called classic and extraordinary information security incidents, which were reported by mass media.
Recent data privacy incidents
A data leak and massive phishing attack on social network users.
Risk Management Certification
Let's consider one of the most significant frameworks for managing risk is ISO 31000, an international standard that provides principles, best practices, and guidelines for managing risk in organizations.
Leak and misuse of clients’ personal data
Details on a few incident related to violation of clients’ privacy.
The new portion of significant data incidents
Recently details on a number of tremendous data related incidents were exposed.
More than half of companies limit their protection with nominal information security literacy
A research on how companies prefer to train employees in information security and what methods do they implement
(In)Secure digest: if there was the “Darwin Award” in information security sphere – 2023 edition
In this April compilation, you’ll find details on aquarium fraudsters, the financial manager, who squandered the company's money, "super-secure" apps, but something went wrong with them and much more.
05.04
Blog
EPP vs EDR
What is the difference between EPP and EDR? Do they complement each other or they should be used separately?
A new portion of fines for inadequate data protection
Details on a few cases when companies, which failed to implement adequate data protection were fined.
PCI certification
PCI DSS and PCI Certification: All You Need to Know
Certified Risk and Information Systems Control (CRISC)
Сybersecurity and risk management certification: ISACA and ISC
Best Digital Forensics Certifications
The article helps you answer the three most important questions when choosing the right IT security and digital forensics certification.
A bunch of data leak incidents has hit large enterprises
A few large companies and organizations has recenly experienced data related incidents.
Australian companies have experienced large data privacy incidents
Australian large company Latitude Financial, involved in the financial industry and IP firm IPH have experienced data privacy incidents.
Large troves of tech giants’ data leaked
Recently, ACER and Acronis companies’ have experienced massive data related incidents.
Large retailer employees’ data leaked
WHSmith, British retailer has experienced an incident, which led to employees’ personal data leak.
07.03
Blog
(In)secure digest: enormous data leaks and insider’s revelations
The time has come to discuss major data realted incidents, which happened in February.
A famous video game publisher has recently experienced an alleged data related incident
An unidentified intruder has exposed Activision employees’ data. Overall, nearly 20.000 recordings were made publicly available.
Which sources should be controlled by the SIEM system first of all?
It is very useful to maximize the SIEM system load to make sure that you won’t face a situation when something does not work appropriately in the real-life circumstances.
22.02
Blog
AI media manipulation service has leaked large trove of users’ data
AI photo editor Cutout.pro users’ data was leaked. Overall, 9 GB of generated pictures and other data was exposed.
21.02
Blog
What Are the Major Security Threats That Can Be Expected Through an Email?
Learn more about the email risks and how to counter them.
16.02
Blog
The SearchInform DLP deals with the smartphone threat
Learn how the SearchInform DLP functionality helps to detect, whether an insider has a smartphone in hands.
Fizzy giant manufacturer experienced a data related incident
Pepsi Bottling Ventures LLC data was illicitly obtained and extracted because of deployment of info stealer malware.
The SearchInform DLP detects phishing and why would you need this functionality in the DLP class tool?
Learn how the atypical DLP functionalty enhances your corporate protection.
Data privacy incident in the healthcare sector
Details on a cybersecurity incident in the healthcare sector became publicly known recently.
(In)secure post New Year digest: “temporary” failures, corporate insider and data on everyone
The time has come to discuss what happened while we were on a vacation.
An alleged massive data leak affected fashion retailer's customers
Clients' data was probably stolen in a data privacy incident
02.02
Blog
Sportswear manufacturer clients' personal data has been allegedly leaked
Puma clients' personal data has been exposed.
Email marketing service hacked
MailChimp mail service was hacked… again
Details on some data related incidents were disclosed recently
A brief overview of two December data-related incidents
SIEM: Use Cases
We will examine more precisely top SIEM use cases.
UEBA: Use Cases
UEBA systems and reveal their peculiarities
Private Belgian bank experienced an insider incident
The serious data related incident happened with the Degroof Petercam.
Large fines are imposed on game developer for data related incidents
The Epic Games, developer of Fortnite videogame is fined $520 million.
23.12
Blog
Update on the Last Pass data related incident
The data leak, which happened in August turned out to be much more serious that it was believed initially.
23.12
Blog
Resonant cases of data leakages in APAC region
There is a step change taking place in the number of data-related incidents and that is critical.
22.12
Blog
Data on 5.6 million users exposed
Social Blade, the American social media analytics service has experienced a massive data related incident.
20.12
Blog
Uber experienced another data related incident
Uber experienced one more data related incident. However, no link between the September incident and this one has been established.
14.12
Blog
The “misalignment of databases” resulted into a massive data related incident
A large data related incident has recently affected Australian telecom giant Telstra clients.
12.12
Blog
In(secure) digest: lost accounts, compensations for mega leaks and “quick as the wind” leaks
This time we’ve gathered data on serious incidents: attacks on large companies, phishing, forgetful employees, whose actions led to the loss of clients’ data.
A few personal data related incidents details have become known recently
A brief overview of a few data related incidents.
23.11
Blog
Notifiable Privacy Breaches
What is required to do if a data breach incident somehow takes place?
22.11
Blog
MSSP Business Model
What is MSSP? When and for whom is it helpful?
Cyber Threats to National Security
National Cybersecurity: this is how the cyber threat has intensified
18.11
Blog
Recent data leak incidents
A brief overview of two recent data leak incidents.
18.11
Blog
Booz Allen Hamilton Holding Corporation experienced a data breach
Due to insider's actions some personally identifiable information was exposed in a recent incident.
What Are the Major Security Threats That Can Be Expected Through an Email?
Typical email threats and how to counter them
07.11
Blog
Data Loss Prevention Use Cases
This article will help you to learn how to avoid losing data.
04.11
Blog
Benefits of Managed Security Services
How to implement efficient information security protection with MSSP?
02.11
Blog
in(Secure) digest: stellar social engineering, exposed servers and giants under attacks
The most resonant information security incidents in our October digest.
01.11
Blog
Cybersecurity Statistics
Numerous cybersecurity issues: serious threats to businesses
Recent Cyber Incidents
Rise in ransomware attacks and global threats
27.10
Blog
Famous Data Breaches
General Data Protection Regulation, fines, real cases.
26.10
Blog
Insider Threat Awareness
Types of insider threats and insider threat mitigation.
Recent Security Breaches
Young employees, zero trust security and other security breach risks.
Healthcare Cyber Attacks
What makes healthcare organizations a popular target for cyber attacks?
Financial Fraud Cases
The biggest investment fraudsters
Leaked Credit Card
The most significant cases.
19.10
Blog
Best Network Security Software
What should you look for when choosing a provider of best network security software?
Retail online marketplace clients' data leak
Recently, data on 2.2 million customers of Australian retail markeplace has leaked
18.10
Blog
(in)Secure digest: boredom motivated attacks, love to fines and ethical hack
We’ve compiled a selection of information security incidents, which became publicly known in September.
Cybersecurity Report
The biggest challenges and greatest threats in IT security.
Fraud Cases
How to detect some common types of fraud and what may you do about it
Car manufacturer clients' data exposure incident
An inappropriate method of code storage has resulted into a data exposure incident
Outsourcing Security Services
Internal and external information security personnel
05.10
Blog
Cybersecurity Threats and Issues 2022
Records and trends in cybersecurity.
Cyber Attacks on Critical Infrastructure
Critical infrastructure: current situation and best cybersecurity practices
Best Practices for Network Security
The ultimate guide to securing your industrial network using the best network security practices
30.09
Blog
A large database with personal data has been leaked
A 6GB database, which allegedly contained personal information on 16 million users has been leaked.
30.09
Blog
Cybersecurity Investigations
What is required to conduct a cybersecurity investigation
Examples of Cybercrime Cases
What is cybercrime and examples of a few biggest cybercrimes
Biggest Cyber Attacks in History
An overview of some of the most notorious cyberattacks
26.09
Blog
Australian telecom breached
Australian telecommunications company breach turned out to be one of the biggest cyberattack in Australian history
23.09
Blog
Emerging Cyber Threats
An overview of cyber threats, endangering companies and organizations worldwide in 2022.
Data Privacy Day
What is The European Data Protection Day and why data privacy is so important
19.09
Blog
Сryptocurrency insider incident and “the great data exfiltration”
An insider case in cryptocurrency sphere and "The great data exfiltration"
Top 10 Cybersecurity Threats
What are the bigget information security threats this year?
15.09
Blog
Best SIEM Tools
What is a SIEM system and how to choose one?
14.09
Blog
Worst Data Breaches
Prerequisites and consequences of data breaches
14.09
Blog
Biggest Corporate Frauds
An overview of some biggest cases of corporate frauds in history.
Best Endpoint Protection
What is an efficient endpoint protection and a slight overvierw of best solutions.
Best Computer Security Protection
How to ensure best computer security protection?
(In)secure digest: the smell of data leaks, deep fake in the Zoom and an option of becoming the nobility member for only €1000
In August many employees are still on a vacation, however, this doesn’t refer to fraudsters, judicial and law enforcement system representatives.
Onetwotrip ticket booking system users’ data leak
Onetwotrip clients' data leaked
24.08
Blog
The ugly in the realm of beautiful, two new personal data leaks’ details revealed
Detail of two more data leaks revealed
Microsoft credentials leak
Internal login credentials were accidentally uploaded to the company’s own infrastructure on GitHub.
Internet-marketing giant clients’ data leak
Klaviyo clients' data leak took place because of phishing attack
11.08
Blog
Insider Threat Statistics for 2022 The seriousness of insider threat
What is an insider threat and who is an insider? What types of insider threats exist? How to detect an insider threat and what is required to do in order to mitigate risks? You may refere to the article and find out.
A real fortune was made on phone unlocking and unblocking
An American resident managed to earn $25 million by a phone unlocking and unblocking service.
(In)secure digest: lawsuit for leaks, insidious phishing and record leak of personal data
The time has come to discuss if July was full with cyber incidents.
Significant fines are imposed due to information security incidents
Recently, plenty of news on fines imposed due to information security incidents have been published. Let’s have a look at a few significant cases, which took place lately.
25.07
Blog
Confidential documents and personal data leaked due to an insider activities
Central Florida construction firm has recently experienced a data breach. An employee stole a massive of confidential data just before resignation.
The infamous data leak of Chinese citizens’ personal data
Details of one of the biggest data leak ever.
Razer data breach case: a claim against IT solution provider is filled
Due to a security misconfiguration by third-party IT-solution provider, Razer's client's data was at a stake of being exposed.
Sensitive Data Of Colorado Springs Utilities Clients Leaked
Colorado Springs Utilities notified their customers via email that sensitive data was obtained by an “unauthorized party”. The problem appeared to be on a subcontractor side. The name of the company remains unrevealed due to “security reasons”.
Demotivation for intruders: no more ransom payments
Recently the National Cyber Security Centre (NCSC) and the Information Commissioners Office (ICO) published a joint letter, addressed to the Law Society.
14.07
Blog
Exposure of 23 million users’ data
Due to the dangerous misconfiguration of a third-party database owner, personal data of 23 million users was exposed.
(In)secure digest: personal data newsletter, hacked state services and endangered farmers
The time has come to reveal some “classic” and non-trivial information security incidents. As usual, we’ve gathered some of the most impressive cases of the month in our digest.
07.07
Blog
Insider incident affected nonfungible token (NFT) marketplace
This time, one of the largest nonfungible token (NFT) marketplace experienced an insider related data leak.
05.07
Blog
Avaya system administrator: illegal licenses generating and selling
Avaya system administrator was accused of fraud. It was stated that together with accomplices he sold software with additional options for IP-ATC. The overall sum of their financial operations exceeds $88 million.
29.06
Blog
Another personal data leak CafePress clients affected this time
CafePress got its consumers’ sensitive personal data, including Social Security numbers, exposed. The claim against Residual Pumpkin Entity, former owner of CafePress and PlanetArt, current owner of CafePress was filled by the Federal Trade Commission. The main issue of the claim is that the organization had failed to ensure safety of client’s personal data (including Social Security numbers), and covered up the data breach.
Important trends in corporate security
In this article we continue to deal with the topic of corporate security, and we’ll provide a slight overview of some information security trends and advice on how top-managers may eliminate the ongoing risks.
21.06
Blog
Another data leak in the healthcare sphere
Choice Health Insurance database leak, caused by human error took place recently.
Massive database exposed to public access
Another data leak has taken place recently. About 60 GB of data has been exposed to public access.
07.06
Blog
General Motors clients’ personal data was obtained by intruders
General Motors, one of the leading car manufacturer accepted the fact, that last month cybercriminals managed to conduct the credential stuffing attack.
25.05
Blog
Excessive data supplement
According to newest research, people are becoming more conscious in their work with data. Still, a lot of excessive data is transmitted.
18.05
Blog
More than 60% of companies affirmed breach experience in last year
Internal risks are still underestimated.
New concept of organization’s security
It seems that the time has come to elaborate new approach to the concept of organization security
Apple releases patches for 0-Days in MacOS and iOS
Dangerous zero-day vulnerabilities are eliminated by Apple.
The new post-quantum cryptography standards are to be announced soon
New era in post-quantum cryptography standards.
According to Bloomberg, in the middle of 2021 Apple, Meta and Discord staff sent hackers their clients’ data
Users' personal data was sent hackers by mistake.
I resolve to… leave those security errors for good in 2021
The resolutions for businesses to begin the New Year without old mistakes finally cleaning up the awareness mess which never seems to be untangled
Why dismissed employees take revenge and what prevention measures to implement
Revenge hacks and what prevention measures to take.
17.12
Blog
Major outage and government employee data breach
Ransomware keeps surfing the wave of ever-presence
15.12
Blog
Business continuity and information security integration
How to make security part of a general risk prevention and mitigation program
13.12
Blog
Vestas got its personal data affected
The data has allegedly been shared with third parties.
French public transport company tackles a major data breach
RATP data has been exposed via an unprotected server.
The hacker turned out to be the former employee
Ubiquity has gone through a curious case
Panasonic is recovering from a 4-month exposure
The company detected the incident only after a discovery of an extreme network traffic.
01.12
Blog
More data sent to dark web
The sourse of the incident is still being explored.
Major fraud cases in healthcare revealed this year
Pfizer discovers an insider working for a competitor, whereas Genentech hit the news with a deep-rooted story months ago.
26.11
Blog
Government employee helped violators to access data
Otario immunisation system has launched investigation and found an insider.
When your sellers obtain your data
Amazon program was misused by its sellers, and data was intended for rankings boosting. California Pizza Kitchen announces a data employee breach.
19.11
Blog
Robinhood employee tricked by social engineering
7 million users got their data affected in the breach announced by Robinhood.
10.11
Blog
What kind of DLP system do you need in 2022?
David Balaban reflects on the DLP vendors' race for attention, adding of new features, sometimes going beyond the boundaries.
08.11
Blog
Oregon state failed to ensure employees' privacy
And seemingly made it deliberately, at least according to the plaintiffs.
Throckmorton Country Memorial Hospital and Marten Transport face data breach
The recent news might be another case to add to the list of ransomware notches
Ransomware attacks keep companies on alert
The amount isn't disclosed as the hackers' groups haven't received the companies reaction yet
Acer offices in Taiwan hacked
This year the company has already faced a major incident as they were to pay a $50-million ransom.
21.10
Blog
Credit monitoring as most popular offset against data breach
Organisation still lack basic information security solutions.
20.10
Blog
The more they know the less they care
More and more people are unwilling to share their personal data with third parties
18.10
Blog
Facebook security upgrade decision leaked
The company decided to exempt a number of employees from groups which have access to internal message boards.
Former employees took company's security issue to court
The company's staff is aware of what information security is, and disregard to data safety decreases the loyalty of workers.
07.10
Blog
How to tell the difference between a phishing email and a real one?
Don't become a phisher’s target, it's avoidable.
Multi-party breaches vs third-party related incidents
Ripple events are nearly untraceable and affect hundreds of companies
30.09
Blog
Security research based on Indian SME recent experience
Malware attacks are on the rise
29.09
Blog
Afghan interpreters' data leaked due to an employee's mistake
The incident is gaining resonance
24.09
Blog
Data overexposed in manufacturing sector
The relevant statistics and most common security issues in 2021 so far
21.09
Blog
When a hack might be not such a bad thing
…where the bad and the good are twisted.
Users are monitored by gadgets Should we turn down everything digital?
Who should you trust in a digital world?
15.09
Blog
Government sector faces human factor data breach issue
Australian public sector is concerned with the growing number of information leakage episodes due to employee mistakes.
Dallas schools compromised by a city IT employee
Whereas a disgruntled former employee's case was brought to the court.
08.09
Blog
Bangkok Air dashes the ransom offer aside
The popular airline has declined the gang's demand
How to configure DLP and not to overlook a leak
How efficient are DLP systems with preset configurations? Can a system be configured once and for good? Learn how to adjust the settings here.
30.08
Blog
Former employees and foolhardy ransomware attackers
Several information security incidents which have happened recently are all based on utter carefreeness
Data breach cost rises in South Africa, ransomware incidents grow in Australia
Ransomware-related data breaches rose by 24%, the cost of a breach - by 15%.
T-Mobile hacked for the 5th time
The unauthorized access was detected a few days after a number of customers got their data affected.
17.08
Blog
Russian officials obliged to use only domestic messengers
Ministry of Digital Development prepares a regulatory framework for transferring state employees to state-owned platforms by December 2021.
11.08
Blog
Tokyo visitors' data affected
Olympics ticket holders and event volunteers' details have been compromised
27.07
Blog
Does an identity theft has an end or any terms?
Education workers of the Francophone Sud School District are dealing with identity theft.
26.07
Blog
Will or won't paying ransom be made illegal?
Another surge of ransom attacks makes the necessity to remind how slippery the way to deal with them is if you choose to pay.
20.07
Blog
DarkSide behind Guess breach
The famous fashion retailer Guess has officially announced a data breach comprising details of 1,300 people,
14.07
Blog
Air India is asked to recompense the breach
The affected customers might be given more than $400,000 for having their data impacted.
06.07
Blog
Call a hacker - he'll tell you about a breach
Don't have enough information about how the data breach occurred? Speak with the hacker who let it happen.
30.06
Blog
Treasurer’s office vs. mayor
Westfield clerk treasurer's office brought the case regarding the city's mayor act to court
24.06
Blog
Untimely breaches
...or why a law firm can't be trusted
JBS chose to pay ransom
JBS, the largest meat producer, paid a $11 million ransom, according to Andre Nogueira, chief executive of Brazilian JBS SA’s U.S. division
15.06
Blog
Euro 2020 fraudulent websites
It has been recently explored that since the beginning of the year there have been 130 new domains registered – all related to EURO 2020 (EURO 2021) tickets.
10.06
Blog
Top 5 actions to be taken by CEO to increase cybersecurity
Top 5 actions to be taken by CEO to increase cybersecurity and employee trust in the company
08.06
Blog
Trello boards indexed by major search engines put at peril business processes of Russian companies
Almost a million Trello boards, thousands of which contain corporate data of large and small Russian companies, were publicly available.
04.06
Blog
UK Special Forces soldiers aren't sure in their data safety
Over 1,000 UK Special Forces soldiers got their data exposed. The document containing their personal data was distributed via WhatsApp.
04.06
Blog
Microsoft is going to gather cyber security specialists in the APAC region
The APAC countries are concerned about growing information security risks
02.06
Blog
Not all DLP systems are equally helpful
How to choose a system and not to get disappointed
27.05
Blog
Targeting human vs. hacking software
85% of data breaches are the cause of targeting people, not software
21.05
Blog
Why FileAuditor? SearchInform customer gives an elaborate answer
SearchInform customer – scientific technological pharmaceutical company Polysan – has deployed FileAuditor, a DCAP system, and shared the first impression with the company.
19.05
Blog
Why is it important to control third-party security policies?
According to the recent report it seems that roughly half of companies don't know how to deal with third-party security
18.05
Blog
Microsoft threat and database security time bomb
Companies using Microsoft 365 might jeopardise their data safety and be more vulnerable than those who don't. 19 petabytes of data are exposed right now according to CyberNews.
13.05
Blog
A "remote" reminder
Don't set it loose when it comes to data security
Outsourcing the role of information security officer
A piece of insight into infosec as an MSSP solution
Order in your files and folders: how to organize access control and protection against leaks
Expansion of the IT infrastructure complicates controlling who accesses, copies, moves from folders, and deletes information.
20.04
Blog
Was there a breach?
Companies refuse to admit leakage accusing announcers of misleading its readers.
16.04
Blog
Better employee experience from security viewpoint
What should be done to ensure it?
14.04
Blog
(In) Secure digest: the hit parade of the most comical infosecurity incidents
The most comical infosecurity incidents to laugh and learn from it. Enjoy, but tread carefully!
07.04
Blog
Blocking that does not slow down business processes
Interview with Sergey Ozhegov, CEO of SearchInform
05.04
Blog
All about invisible DLP control and where its invisibility ends
The DLP doesn’t function in a hidden mode for nothing: on the one hand, it doesn’t interfere with the work of respectable employees, on the other hand, it helps to catch insiders off guard.
02.04
Blog
Fraudsters won’t miss a chance — what threats to people and business remain in 2021
The “Roaring 20s” is no longer a euphemism from the last century, in the 21st the new decade also began loudly.
31.03
Blog
How to detect an employee accepting kickbacks using DLP?
Proven schemes for searching for corrupt individuals in the company.
24.03
Blog
Shell goes through a data breach
Accellion service the company uses got destabilised by a hack
23.03
Blog
How to surf the flow of information security events: use SIEM system correctly
Security Information and Event Management works on the principle of video surveillance.
26.02
Blog
Clubhouse might be an issue
What are the chances of it turning into a Clubhole
24.02
Blog
Why is the Telegram bot allowing you change Caller ID dangerous?
Telegram bot and the growing number of scammers
21.02
Blog
(In)Secure digest: default passwords, sensitive info for free, and phisher salary
Every month we collect "classic" and non-trivial incidents on Infosecurity across the world and in Russia in particular. Here is our first digest for 2021.
COBM: once a leak always a leak
One of the most massive compilation leaks
iPhones which weren't meant for selling
An employee of a recycling company profiteered from selling Apple products
ABSA leak might still have impact
How is ABSA bank doing after an employee’s security policy violation?
Insider check: could you be damage to your company?
The test will define you as a certain type of insider. Remember: any employee could become a culprit of a leak, however, circumstances are different. We don’t mean to pretend “scientific”, we intend to make this test entertaining and informative.
Legal monitoring, smartphones control and your employee personal portrait
These and other ticklish issues regarding the launch of information security solution within your system.
20.01
Blog
Signal replaces WhatsApp?
The most popular messenger has recently announced an update which made users question its necessity
Ex-employee takes data to a new job
SoftBank former employee took data to another company, whereas a Canadian firm Aurora Cannabis informed its staffers about breached personal data on the last day of the year.
Why does healthcare require the severest cybersecurity measures?
Innovations are designed to improve the quality of service and save time for patients and doctors, however, doctors and patients realize how vulnerable medical information is.
25.12
Blog
2020 infosec in pictures
You've been with us all this year and you remember all 2020 news we've shared with you. Let's smile and frown at it together!
Ledger hardware wallet breach echoes with phishing
The investigation into the Ledger compromised security case was launched after the data breach which dates back to June 25, 2020.
An entire database stolen, Microsoft hacked
People’s Energy company faces an overwhelming data exposure, Microsoft becomes another company tricked by hackers via SolarWinds in case the investigation proves it.
FAQ: Frequently Asked and Finally Answered
15 questions the monitoring solution developer responds to during seminars.
Agencies urged to disconnect SolarWinds Orion
...as the massive exploit has been recently reported.
Should companies pay ransom? Is there a way out when you’re deprived of confidential data?
One of the world’s biggest plane makers got its data leaked.
07.12
Blog
How much can a GDPR breach cost you?
Non-compliance could cost companies dearly
03.12
Blog
Records of 16 million Brazilian Covid-19 patients leaked
The spreadsheet was found on GitHub
30.11
Blog
South Koreans data was leaked by Facebook
Facebook is penalized by South Korea’s regulatory authority for divulging user data.
26.11
Blog
(In)secure digest: Tesla sabotage, hospital blackmailer and excessively patriotic President
Every month we enrich our collection of classic and non-trivial cybersecurity cases. Data leaks, frauds, sabotage, and other incidents caused by insiders are of our interest.
Indian companies chose cloud
83% of companies chose cloud to deal with cybersecurity issues of remote work quick
Booking.com, Agoda, Expedia Group, Hotels.com customer data impacted
Another misconfigured Amazon Web Services (AWS) S3 bucket
How much can a former employee cost you?
Keeping the accounts of dismissed employees active and failing to revoke excessive rights might be one of the biggest mistakes a company can make.
U.S. city will pay the Office for Civil Rights $202,400
New Haven, Connecticut, didn’t deny access and left confidential health information available to a former employee.
A customer guessed a password
A customer guessed a WeWork shared user account password for employees
Aetna charged $1m for three data breaches under HIPAA
The HIPAA (the Health Insurance Portability and Accountability Act) has exacted a $1 million penalty from Aetna, U.S. health care insurance company.
Awareness doesn’t prevent from human factor
Employees keep opening emails even though they look like a phishing attack
28.10
Blog
Law firm exposes Google staffers' data
Form I-9 files comprising personal data got breached.
(In) Secure digest: the science of information security, death cyberattack, and bank leaks
We collected "classic" and non-trivial incidents reported by foreign media
British Airways has been charged £20 million
British Airways have been charged £20 million instead of paying £183 million – the initial fine imposed by the Information Commissioner’s Office.
Shifting to the cloud
Almost half of IT companies shifted to the cloud during the lockdown
10 questions about the DLP system: why do I need it, what can I do, and what can't I do?
Today DLP system’s purpose is not just monitoring data leaks as it was in the beginning - now DLP systems are commonly used to solve a much broader list of problems.
620 Maltese citizens have filed a claim
The company is reported to have breached GDPR.
Tesla factory sabotaged by employee
The company became aware of the incident last month.
Rights and wrongs when creating profile
How can you analyse employee personality and steer clear of breaching privacy?
Mayo Clinic clients’ data was accessed by a former employee
A former employee has compromised more than 1600 patient records.
07.10
Blog
The biggest GDPR fine in Germany
H&M will be charged €35.3 million – penalty imposed by the Data Protection Authority of Hamburg.
No ransom paid - no data saved
Personal data of students and employees got leaked.
Data breaches analysis
SearchInform analysed breaches that occurred in the first half of 2020.
25.09
Blog
Insiders in Shopify and patients records leaked by an employee
4000 patients records appeared to be exposed over the past few years.
23.09
Blog
Student data breach at the Warsaw University of Life Sciences
BYOD might face some critics, as usage of personal devices led to a data breach.
93% IT leaders claimed outbound email led to data breach in the last year
538 senior specialists mitigating security risks took part in the survey.
Data Protection in the Cloud
Security innovations and strict compliance are key in achieving the utmost security for your cloud data.
14.09
Blog
The Darwin Awards in Information Security World
...or 7 stories about stupidity, careless work, credulity and their consequences
Information security in small businesses demands owners' and execs' attention
Each third employee considers information security within a company an average or a massive issue.
What is confidential information and how does it affect your finances?
There is an edifying example, which proves common knowledge that there is many a slip ‘twixt cup and lip.
Use case: user behavior and insider detection
Insider threat is a tough and quirky menace to track down and pin.
Leaked on purpose
The Intel leakage was intentional, according to both Intel and ZDNet.
$3.86 million is an average expense when dealing with a data breach
500 organisations which experienced data breaches were studied during the survey.
Use case: eDiscovery
Proper information governance facilitates data search and analysis required for internal investigation.
Bribing an employee to compromise the company's security
A Nevada-based company's employee was bribed by a Russian fraudster to install a malware within the corporate network.
Use case: file cleanup
In order to transform disorganized data into valuable insights you certainly need a powerful tool, which will assist you in file analysis ensuring frequent information verification.
A 65% increase in phishing attacks
Agari reports results drawn from the company's recent survey covering the first half of 2020.
Ensuring security and compliance in multi-departmental teams
As different departments have their own specific risk management frameworks they lack correlation and coordination - enterprise risk management ensures consistency.
If a data breach - then data protection tips
A detailed check-list of actions to take in order to save the data
21.08
Blog
Enormous, but hidden Uber 2016 data breach goes public
The federal prosecutors of the US charged Uber’s former chief security officer, Joe Sullivan for his attempt to cover-up this massive breach.
21.08
Blog
ABC insider breach in major tech company in NY
Tyler C. King, a savvy man from Dallas, Texas was accused of computer fraud and aggravated identity theft.
17.08
Blog
Two important data protection questions to answer: Why and How to protect data at rest, in motion and in use
A short explanation why to protect your sensitive data, types of data and advice on how to protect data at rest, in motion and in use.
14.08
Blog
Key features of employee monitoring software
Are you sure that your employees do not goof off? Are you sure your employees are not idling away precious hours of productivity they rather spend on work-related tasks?
Healthcare app, college students' data and other leaks
Patient details, telecom user data, low security level at a university - data breaches have already become frequent in the healthcare, telecom and education sectors.
User activity audit, investigation
There are so many contextual factors to sift through that actually finding the newest threat and eliminating it is an encumbering job.
Compliance
Regulatory internet data laws you should be aware of and maintain compliance with
Use case: access control and change management
The solution boosts risk assessment ensuring that access rights are properly managed and privileged user activity is under control, data access policies are in place and kept updated.
Data protection and classification
The massive impact of access to your data being obtained and an outsider security risk materializing cannot be overstated.
04.08
Blog
Access rights audit
Our data need insurance, and just like we have to cover every other potential risk that we couldn’t afford compensating for if it materialized, we need to conduct a security audit of our sensitive data.
04.08
Blog
Impactful data breaches in 2020 so far
Sometimes people do the simplest cyber security mistakes, namely, misconfiguring a database or using the same password for their bank account that they used for their social media
31.07
Blog
Life changing risks pentesters take to help you boost security (cont.)
The very courthouse that they broke into last night and now they’re sitting in the courthouse waiting to see the judge.
The Twitter breach seems to be an insider job
Accounts were targeted on the 15th of July, and the investigation is ongoing.
28.07
Blog
Life changing risks pentesters take to help you boost security
Conducting a penetration test on a courthouse and defending in front of a judge in the same building a few hours after – this is what happened to two pentesters working under contract.
Malaysian telco customer data breach
A syndicate was gaining profit from illegal charges for services provided to clients of different telecom companies who weren’t aware of making payment.
27.07
Blog
EU largest telecom affected in a ransomware attack
Bleeping computer detected and reported the breach
22.07
Blog
Businesses’ role in cyber security and threat prevention
The financial service company sector is targeted more than any other industry, as attacks against them account for over a quarter of cyberattacks.
20.07
Blog
Dutch authority charges under GDPR
Dutch Data Protection Authority charges Dutch Credit Registration Bureau €830,000.
How to comply with the Bill effectively?
The Personal Data Protection Bill has been developed for three years already and requires attention to the issue of efficient compliance.
Mobile device encryption
Businesses realized the important role devices play as long ago as 2004, thus giving rise to mobile device management, a set of tools and practices that allow administrators to manage devices, apps, and increase device security.
How to stop hackers
Hacking isn’t quite as flashy as in the movies and it takes a major time investment on the criminal’s part, however it is every bit as damaging and threatening to companies as it is portrayed
BMW and other car owners got their data breached
UK car owners got their data compromised. About half of a million car owners got their data exposed, the individuals including BMW, Hyundai, SEAT, Mercedes and Honda owners.
06.07
Blog
Corporate espionage
A little-known evil that is occurring today is the phenomenon of industrial espionage. In fact, this is a problem that has been around for quite some time.
02.07
Blog
UniCredit is fined by Garante
The Italian Data Protection Authority, also known as “Garante” (Garante per la protezione dei dati personali) has imposed a fine on UniCredit institution.
Internet privacy laws and regulations
One of the greatest challenges in the world today is making the Internet a secure place.
The cloud services revolution
Conducting software and web operations is an expensive endeavor indeed.
29.06
Blog
A vulnerability in a WordPress plugin
Credit card "skimmerware" - can you tell if a virtual transaction is safe?
29.06
Blog
Massive email-targeted incidents only now being resolved
Ransomware scammers have enough time and dark web - enough space till launched investigations get carried out.
26.06
Blog
The information security team
Cyber criminals are working very hard to discover top-secret company information in order to sabotage it or sell the information to other companies.
Security in an ever more connected world
We live in a world that is forever shrinking, and the more connected we become to the things in our environment, the more convenient our errands and everyday work become.
25.06
Blog
User data up for sale on the dark web
Pakistan and Indonesia got the data of patients and mobile users offered for a considerable sum
The CIA and its major security incident
This year the processing of the court case considering the employee who breached the CIA's data in 2016 to WikiLeaks has been resumed
Tait Towers Manufacturing data compromised
The data breach has recently been announced by the gear provider
Monitoring solution in the cloud
According to the research conducted by SearchInform, each company detected a user attempt to take at least some corporate data, whereas only 26% controlled employee activity with the help of monitoring software.
BEML sensitive data leaked
BEML, Indian defence contractor, couldn't protect internal documents from appearing on the dark web
Intricate fraud impacting Electrolux revealed
Electrolux, Solid Bridge got affected in BEC attacks.
08.06
Blog
To be applied... New apps, new laws
Will the privacy limits be reconsidered? Dedigitisation as utopia
How to measure the performance of remote and onsite employees
Going remote is a challenge, and work discipline might “shiver”. There is a chance that as soon as employees put on slippers and robes they will feel too comfortable and that will impact the quality of their performance.
7 million Indians got their data affected
BHIM (Bharat Interface Money), an Indian mobile payment app, put user personal data in jeopardy.
Subscribe to get helpful articles and white papers.
We discuss industry trends and give advice on how to deal with data leaks and cyber incidents.
SearchInform products are recognized by
Subscribe to our newsletter and receive a bright and useful tutorial Explaining Information Security in 4 steps!
Subscribe to our newsletter and receive case studies in comics!