Blog

2019: Trends and Breaches
This autumn, experts have counted 5183 data breaches around the world compromising 7.9 billion records, and 2019 was claimed to be the worst in the history of data leakage.
Ring doorbells owners' data got breached
Ring tackles a personal data breach
23.12 Blog
Honda's second breach since August
Honda has got breached exposing a massive amount of personal data for the second time since August.
1 million users got their web activities exposed
890 GB of browsing records which could be easily attributed to individuals were compromised by a web filter software developer.
How to max out SearchInform services
Read and learn how to establish a smoothly supervized workflow and not to the detriment of your primary activities.
Broadlink fires an insider
Broadlink has recently dismissed an employee who pled guilty to device theft and data exposure.
10.12 Blog
Deepfake: when audio forged by social engineering becomes a global threat
According to Gartner, by 2022 30% of all the cyberattacks could be targeted at damaging data, which is the material for neural network algorithm manipulations, as well as at the theft of ready-made machine learning examples.
Ericsson can pay up to $1 billion for bribing officials
Ericsson company is to pay a $1 billion fine admitting to bribing government authorities during 17 years.
09.12 Blog
Wanted: who is the most dangerous employee in a bank?
They all work with different information, dealing with data at rest and data in use, have their own tasks and use specific instruments.
Internet resources valued at $54,000,000 compromised due to an insider activity
The resources were stolen and put up for sale on the black market.
06.12 Blog
Nebraska Medicine fired the employee for unauthorised access
An employee at Nebraska Medicine was dismissed after the unauthorised access to patients’ data was discovered.
05.12 Blog
TrueDialog got its database with millions of accounts exposed
Account details and messages got compromised due to an unencrypted database
03.12 Blog
Gun buyback programme exposes tens of thousands New Zealanders
The costly programme compromised personal data of New Zealand citizens
02.12 Blog
Data of 1 million T-Mobile users leaked
The average cost of a data breach keeps growing
25.11 Blog
Voice assistants risk assessment
Voice assistants became subject to investigative journalism — a few high profile publications made readers think twice before using a “helper” or even talking close to the microphone. And that is what we have learned this year.
WeWork employees leaked clients' contracts
...as the company launched a redundancy process
22.11 Blog
Data at rest encryption
Whether your data encryption is on your computer, a flash drive, on a cloud, or includes your entire disc, proper encryption and management are essential to keep your resources and data safe and ensure that you maintain compliance.
72% of retailers have dealt with data breaches
Some recent statistics on retail facing data breaches
19.11 Blog
Disney accounts hacked hours after service launch
Personal data was leaked during the first several hours of the service operating.
18.11 Blog
Maxed out server led to data breach discovery
From May 2014 to March 2016 InfoTrax Systems was affected by a violator more than 20 times.
15.11 Blog
Google fires an insider
An employee leaking data to the reporters has been dismissed.
13.11 Blog
Bulk email leaked data of 2,000 students
Human error keeps affecting organisations’ reputation.
12.11 Blog
What is a DLP system? How do active DLP systems work in 2019?
What is a DLP system? How do active DLP systems work in 2019?
Although everyone is aware of risks that their data could be stolen, this is only the beginning of the IT risks companies must safeguard themselves from.
Trend Micro employee leaks a corporate database
Trend Micro, a cyber-security solutions worldwide provider, has been breached
07.11 Blog
Data protection
Business processes are migrating into a virtual environment, and companies have long started to keep e-document flow while introducing new management technologies.
Vedantu compromised details of 687,000 users
Vedantu compromised details of 687,000 users
Companies keep dealing with consequences of unprotected databases stored in the cloud
06.11 Blog
3 million UniCredit clients got their data leaked
The popular European bank contributed €2.4 billion to increase cybersecurity level
29.10 Blog
Adobe Creative Cloud users had their data breached
Unprotected database is detected and reported to Adobe
28.10 Blog
Autoclerk database breached data of US military employees
Misconfigured databases in the cloud keep being a relevant security issue.
23.10 Blog
Half of respondents are more cautious about personal data usage than a year ago
Ping Identity has provided markets with the new research
22.10 Blog
CenturyLink Inc. has its database breached
Databases in MongoDB cloud storages keep being breached
21.10 Blog
Data forensics
Data forensics
When most people hear the word “forensics”, what usually comes to peoples’ minds right away is that it will involve somebody in a lab and a white coat working long hours.
The new research shows human factor as the sharpest spike a business can be punctured with
Cyber Insecurity: Managing Threats From Within study surveyed 300 C-suit specialists
16.10 Blog
Protecting information on flash drives
A joint study of Illinois and Michigan universities revealed that 48% of people plug in random flash drives. We have selected the main points and findings which prove that the user behaviour plays an important role in protecting information.
Risk management matrix
Risk management matrix
We take risks every day, from the moment we wake up until we go to bed at night, as they are a normal part of life.
What is an insider threat detection program?
Although we all hope that we can trust each of our employees and that it will never happen to us, the truth is that malicious insiders are a relevant risk in today’s corporate world.
Defense Intelligence Agency's insider faces a prison sentence
The U.S. Defense Intelligence Agency brings to justice their offender who leaked classified information to journalists.
10.10 Blog
92 million Brazilians’ data leaked
Almost half of Brazil population got their personal data breached to a few members-only forums on the dark web.
08.10 Blog
Standard DLP is inefficient against insider threats, according to the new research
Standard DLPs which primary concern of is limited by not letting employees send data outside the network aren't efficient
07.10 Blog
What is data at rest?
What is data at rest?
Under the conditions of today’s digital climate, sooner or later your information will eventually find its way into the wrong hands.
Ensure confidentiality while printing documents
According to the recent Shred-it study, negligence represents one of the key reasons for data breaches.
03.10 Blog
Former Yahoo employee breaches 6000 accounts
A former Yahoo employee was searching for the sexual content of users among who there were his friends and colleagues.
03.10 Blog
Main aspects of information security
Main aspects of information security
Corporate security is not a new phenomenon. What we now understand as corporate security has existed since the emergence of trade. Merchants sought to protect their professional secrets from competitors in order not to lose profits.
September highlighted 2019 breach list
Data breaches caused by the very companies which were affected hit the biggest numbers of leaked records
02.10 Blog
DoorDash food delivery service has data of 4.9 million people leaked
4.9 million customers, employees and the company’s independent contractors had their personal data compromised.
27.09 Blog
Half of employees still have access rights that they should no longer have
52% of employees who were reassigned to other jobs still have access to the data which isn’t related to their new tasks.
26.09 Blog
Malindo Air customer databases leaked by a contractor
Malindo Air customer databases leaked by a contractor
Reportedly 30 million Malindo Air passengers got their data compromised in a third-party leak.
23.09 Blog
Security risk management assessments
Security risk assessments are performed for the purpose of identifying, evaluating, and prioritizing risks associated with a company’s use and operation of information systems to its operations and assets.
Major data leak reveals sensitive details of Russian telecoms
Major data leak reveals sensitive details of Russian telecoms
The exposed information on telecoms used for surveillance became public by a Nokia employee.
19.09 Blog
Employee monitoring issues
Business ethics are the contemporary norms, set of values, and principles guiding the actions and behavior of employees at the companies they work for from a legal and moral standpoint.
All Ecuador citizens were affected by a recent data breach
All Ecuador citizens were affected by a recent data breach
More than 16 million people in Ecuador got their data exposed in an online leak
17.09 Blog
UNICEF compromised personal data of 8,253 users
UNICEF online learning portal Agora created an email and sent it to almost 20,000 portal users
12.09 Blog
Employment of friends and relatives
The Sales Department had not been fulfilling a plan for three months. The reasons were unobvious: it was a business season, and there were no issues with the discipline and skills of the employees, but the number of deals has decreased.
Detection and mitigation of internal corporate risks
The meaning of risk is the possibility of loss. Thus, what risk management entails is the process of identifying, analyzing, assessing, and prioritizing risk.
Risk assessment matrices
With the plethora of risks that accompany running a business, it is much more practical to have everything organized in written form or, better yet, in the form of diagrams for a concrete, concise representation of which risks the company faces as well as the severity of them.
One company, one year, 238 breaches
238 data breaches were registered during 2018-2019 at the Countess of Chester Hospital
05.09 Blog
Email monitoring
As much as companies try to foster a culture of positivity in the corporate environment, put all sorts of system limitations in place, and emphasize strict company policy to keep employees from engaging in things they shouldn’t be doing, fraud still goes on, and it is rampant, hence the demand for email monitoring.
Two booking services breached customer data
Two booking services breached customer data
Option Way and Teletext Holidays exposed their clients' data
03.09 Blog
Configuring DLP system
The installation of a DLP system can be managed even by a novice system administrator. However, its fine-tuning requires some skills and experience.
Former FBI director keeps bureau information at home
Former FBI director, James Comey, took confidential data home after he left the bureau.
30.08 Blog
Web activity monitoring
Web activity monitoring
In the technology era in which employers are looking to squeeze everything out of their employees that they can and optimize business efficiency to the max, a plethora of process optimization industries have sprouted up that offer to facilitate businesses’ success.
A Ukrainian crypto miner is to pay for his activity
An employee sabotaged the plant's work
26.08 Blog
Remote employee monitoring
As of late, there has been a great rise in employers’ desire to keep as close an eye on their employees as possible and analyze their activities in-depth to achieve the best idea of the level of their performance and the degree to which they are complying with policy.
User behavior analytics
Given the widely known and harnessed power of data analytics, companies utilize all sorts of information on their customers for a variety of purposes. Many use this information to most efficiently allocate their marketing expenses.
MoviePass cardholders' data was affected
The database with more than a hundred million records was exposed
22.08 Blog
Fundamentals of IS | Fundamentals of IS. data protection
The founder of cybernetics Norbert Wiener believed that information has the unique characteristics and cannot be described as neither energy nor matter. A special status of information as a phenomenon resulted in a proliferation of definitions.
User activity monitoring
User activity monitoring
The more that a company knows about its workers, the more it can harness that knowledge to propel the business’ success to the next level. Employers do not want to leave productivity up to chance.
Internal auditing
It goes without saying that efficiency is one of the most basic ingredients of a successful business and there is always room to ameliorate.
Insider threat statistics
A company having its secrets and confidential information stolen, its funds robbed, or damage caused to it is an ever-present threat that companies may take appropriate measures to avoid.
Google and Apple halt employee processing audio recorded by voice assistants
Google and Apple suspend reviewing of audio recorded by voice assistants for recognition enhancement.
07.08 Blog
JIRA exposes corporate data of Google, Yahoo and NASA
NASA, Yahoo, Google, Zendesk, Informatica, 1password, Lenovo, and some government institutions got their data open to public
06.08 Blog
HR investigations
HR investigations
Although the primary function of a human resources department is to recruit and train personnel, there are many situations in the workplace that HR has to deal with, including ethics breaches and company policy violations.
Capital One is to explain the leak to Congress
Capital One is to explain the leak to Congress
House and Senate committees are going to unfold a serious investigation procedure
02.08 Blog
IS Worldwide | The problems of information security in the world
By information security, we mean a set of organizational and technical measures to ensure the protection, integrity, accessibility and manageability of data arrays.
Deutsche Bank former employee sent 450 emails from his account
An equity sales person still had the access to the corporate email after being dismissed
30.07 Blog
NAB faces two major data breaches in three years
National Australia Bank is to revise its information security mechanisms
29.07 Blog
Extremist activity in the team
The department head noticed that an employee’s work had changed for the worse.
Shell companies and drug network
Company N called for a tender for preparation of design estimate documentation. At the stage of receiving requests the company found out that one of their employees had attempted to participate too.
Employee productivity
Employee productivity
Every bit of what makes a company successful comes from work implemented through the actions of a company’s employees.
Equifax will pay $700 million to cover the 2017 breach impact
The company has signed a settlement to manage all the lawsuits brought due to the data breach which occurred in 2017.
23.07 Blog
How to digitize human factor
How to digitize human factor
Prevention is the key process of incident management – it is better to discover reasons and sources of a possible security breach than to fight consequences. Potential insiders are not easy to detect, and general data safety approach including basic instruments are not sufficient to reveal a violator.
Computer forensics
When you discover that your enterprise has been victimized by cybercrime or breached, your first thought is to seek out the origin of the crime.
Business continuity
Business continuity
Considering the significant amount of money most people have invested in their businesses, it is important that the full rewards of it can be reaped.
Google's contractor leaks confidential audio data
A language expert who was to enhance Google Assistant breached more than a thousand audio files
15.07 Blog
Search for a new job
An employee was viewing vacancies on his corporate computer and receiving invitations to job interviews sent by business competitors. A company's risk manager detected the suspicious activity and took the employee under control.
160,000 CVs leaked to Taobao by Zhaoping ex-employees
It took investigation specialists a year to bring the case to trial
11.07 Blog
Magnasoft Consulting ex-employees took confidential data with them
10 months ago the company was informed about the leak by a client, and only now the details get exposed.
10.07 Blog
Insider threat tools
Insider threat tools
While all the hype about unknown threats breaching a company’s privacy, stealing its confidential information and company secrets, purposefully inflicting damage to its public image, and robbing it of its funds is worth keeping in mind to protect against, the losses that would result from that actually occurring are not as great as most people believe.
A contractor of NSA is to face 9 years of sentence
The incident is said to outdo the case stirred up by Snowden
08.07 Blog
Distribution of negative opinion
The system detected the correspondence between colleagues discovering one of the employees being outraged by the incentive system and other aspects of the management approach to employees.
Top secret classified documents taken home by a contractor at the NASIC
An investigation of a marijuana case brought to the discovery of highly confidential files at the house of a contractor
04.07 Blog
Personal data of Hong Kong police officers has been leaked
Eight people have been arrested for exposing officers’ personal data online.
04.07 Blog
Data security and data encryption in business
Data security and data encryption in business
Encryption involves a plain text being coded into “encrypted” form using a cipher text and then being “decrypted” with a cipher text by the recipient on the other end.
More than a terabyte of data has been exposed for an unknown period of time
Attunity, a data management company, has compromised loads of information stored in Amazon S3 buckets
02.07 Blog
Corporate fraud investigations. Fraud security & protection
Corporate fraud could be defined as a loss to a corporation due to deceitful management. These schemes are often marked by their complexity and economic impact.
Equifax employee sentenced to four months for inside trading
Equifax and UBS former employees are facing a sentence and a fine
28.06 Blog
McAfee's employees take trade secret to Tanium
McAfee brings a lawsuit against three former employees for leaking the confidential data to a competitor
27.06 Blog
Taiwan’s civil service system reports data of 240,000 civil servants compromised
The agency is to comply with Personal Information Protection Act and Cyber Security Management Act
27.06 Blog
What is Risk Mitigation Strategy? Define Risk Evaluation Plan
What is Risk Mitigation Strategy? Define Risk Evaluation Plan
To define risk mitigation, let us first specify what risk is. “Risk” is the possibility of loss. Thus, risk mitigation entails a concentrated effort to reduce adverse effects.
645,000 Oregon residents had their personal data leaked
“Most client information involved in the breach was in email attachments,
24.06 Blog
An employee leaked data of 2.9 million Desjardins' members
Desjardins, the largest federation of credit unions in North America, has headlined data leak news
21.06 Blog
Retrieval-Masters Creditors Bureau Inc. files for Chapter 11 bankruptcy
The breach has made the company to begin liquidation process
19.06 Blog
Two breaches bring to company's shut down
LandMark White has been suspended twice and is looking for the reinstatement
17.06 Blog
What is Risk Management? Solutions, Strategies, Services & Tools
Anyone who has ever been involved in business knows that there is risk everywhere. What is risk management?
PHI is the juiciest type of data according to the researchers
Personal Health Information (PHI) appears to be more profitable than other kinds of personal details
14.06 Blog
How to Reduce Internal and External Threats to Organizations
How to Reduce Internal and External Threats to Organizations
With the current state of the global economy and employees feeling ever more pressure, internal security threats are on the rise.
Illegal business arrangements
Employees can create their own legal entities that will interact with an employer company. For example, fraudsters can use their job positions and promote their own enterprise as a counterparty and at the same time offer disadvantageous terms and conditions of cooperation.
What is Fraud Detection? Fraud Detection Software & Solutions
What is Fraud Detection? Fraud Detection Software & Solutions
From advancing computing speeds to high-performance analytics to machine learning and other forms of AI, fraud prevention technology has come a long way.
71% of the C-level are willing to cover up data leaks
whereas 61% of IT specialists claim they would hide the details of a data breach
30.05 Blog
Using personal mailbox
Sending confidential details from corporate to personal email
28.05 Blog
HCL leaks confidential data, Instagram exposes the data of most popular users
India’s third-biggest IT services company leaks employees' data and project details, Instagram should check the security level of third-parties
22.05 Blog
What is Employee Monitoring Software or Employee Tracking System?
What is Employee Monitoring Software or Employee Tracking System?
Do you know what your employees are up to? Businesses are well aware that gaining a good understanding of what their employees are up to can work wonders in raising their work efficiency.
Information Security Threats
Information Security Threats
Information security in the broadest sense is a combination of means to protect information from accidental or deliberate exposure.
Google's amplifying monitoring measures
Employees have been reminded about the changes to the data security policy they hadn't been informed before
15.05 Blog
14.05 Blog
Information Security Incident Management | IS Incident Management
Information Security Incident Management | IS Incident Management
The system of data leakage protection is based, above all, on the detection, prevention, registration and mitigation of information security incidents or events that violate regulated procedures.
Uber might face a GDPR fine
Drivers demand that the charges are brought against Uber
08.05 Blog
Protection Against Information Leaks | Organization the protection of information from leakage through technical channels
We reviewed the results of the study related to the leakage of financial and other corporate confidential information.
A Chinese developer sent to prison for leaking the code to GitHub
A former DJI employee fined $29,000 and faces a 6-month sentence
30.04 Blog
130 million hotel clients got their data leaked
Huazhu Hotels Group has leaked data of their customers, Cathay Pacific are to avoid penalties
29.04 Blog
How to Choose a DLP System
The global market of information security tools offers a wide range of DLP systems (Data Leak Prevention). And the demand for them is only growing.
Identifying terror threats
The correspondence of employees in the corporate chat was intercepted. The employees were discussing the war in Syria, and one of them spoke negatively of Russia’s role in the conflict.
Methods to Protect Information | Methods and Tools for Data Protection
Methods to Protect Information | Methods and Tools for Data Protection
Computer data is prone both to loss due to malfunction or destruction of equipment, and to theft. Protection methods include the use of hardware and devices, as well as specialized technical tools with software.
DLP systems | What is a DLP system, and how does it work?
As of today, the market of DLP systems is one of the fastest growing among all markets of information security tools.
Concept of DLP Systems | What is a DLP system?
DLP software is used to protect confidential data from internal threats. However, even if information security specialists adopted protection tools and use them against external violators, struggle with internal violators is more challenging.
Five Republican senators got their data maliciously exposed
A former system administrator in the office of Senator Hassan exposed the personal details in response to his dismissal
08.04 Blog
Using personal mailbox
A car center employee was caught sending sensitive data from corporate to personal email.
The London Borough of Newham fined £145,000 for leaking Gangs Matrix
A Newham Council employee sent an email with unedited confidential data to 44 external organisations
05.04 Blog
Personal data leakage
The risk management department noticed that one of the dentists of the state clinic used to send to his personal email cards with health data.
Communication with competitors
An employee received a message with an offer to meet and discuss “some common issues”.
Leakage of a customer database
A security policy response attracted the attention of the risk managers responsible for monitoring to the abnormal activity of an employee who accessed the customer databases that include the information on individuals.
Attempt to leak tender documentation
The results of the monitoring revealed that the employee was ordered to send the document to this email address by his manager.
Leakage of a supplier database
The study of user relations made it possible to establish that the employee transmitted information to her husband who had a plot with the company's competitors.
Payoffs
An employee logged into the personal mailbox from the corporate computer – a DLP system automatically "scanned" the last sent and received emails.
Leakage of a company's business plan
With the help of the integrated policies the system alerted to a suspicious activity - one of the employees discussed the company's short-term development plans with an unknown user via Skype.
Leaking the company's know-how
The risk management department found confidential files on the computer of an employee who wasn't authorized to access them. Moreover, when the incident happened, the employee was on vacation.
Former employees get sued for leaking data to KPMG
Staff members of the accounting oversight body took the jobs at KPMG and brought the inspection information details with them
12.03 Blog
Fraud Detection & Prevention Software: Business, Accounting, Banks
Fraud Detection & Prevention Software: Business, Accounting, Banks
If most people were asked if stealing is wrong, they would answer “Yes”. In spite of this, organizations all over the world lose about 4 billion dollars to fraud on an annual basis.
How to Prevent Identity Theft & Fraud. Types of Corporate Frauds.
Avoiding corporate fraud is no easy task considering the great variety of forms of embezzlement and deception that may take place. In the past 20 years, over 1,000 executives have been convicted of corporate fraud.
An employee leaks a file with patients' data
An employee at Chicago Rush Medical Center leaks clients' details to a third party
06.03 Blog
Attempt to leak the local network topology
The risk management department spotted one of the lawyers copying the document with the schemes of local networks and communication of the company to the personal flash drive.
Dow Jones leaks the watchlist
"Special interest persons" and suspicious profiles got exposed by a third party
28.02 Blog
A former employee leaks data
Devices with 800,000 entries were seized by officials
21.02 Blog
Xinjiang residents got their movements tracked and exposed
A data leak identified by a Dutch expert revealed China tracking more than 2.5 million people in Xinjiang.
18.02 Blog
500px leaks data of 15 million users
Email help[@]500px.com and get your data sent to you within 72 hours
14.02 Blog
Eskom exposes customer data
Confidential details have been accessible for several weeks
07.02 Blog
State Bank of India fixes an unprotected server
Millions of 740,000,000 bank clients got their data exposed
01.02 Blog
HIV-positive statuses get leaked in Singapore
14,200 records were compromised. Experts from Asia, Europe, and North America discover the amount of money spent on old IT hardware
29.01 Blog
The biggest U.S. broker dealer exposes advisers' data
...an unprotected Elasticsearch server got discovered, Twitter disregards its own privacy settings
22.01 Blog
Oman’s Public Prosecution raises data usage awareness
While Singapore Health Services pay 1 million Singapore dollars due to a major patient data leak
16.01 Blog
NASA leaks staff and project data
Jira server has been put at risk due to misconfiguration
14.01 Blog
German politics get their data leaked
German politics get their data leaked
The breach isn't regarded as a political crime though
09.01 Blog
Letter Subscribe to get helpful articles and white papers. We discuss industry trends and give advice on how to deal with data leaks and cyber incidents.