(In) Secure Digest Halloween Edition: What Spooked IS Specialists in October
The Halloween agenda includes a million-dollar scam, a hacker offended by non-recognition of merit, and frighteningly frequent attacks on the game industry representatives.
UAE’s AI Investments & LinkedIn’s GDPR Fine
The last IS news roundup of October is here for you—let’s dive in!
30.10
Blog
The New Portion of Insider Incidents: Cases of Remote Employee and CISO
In this incident roundup, we are exploring two cases of customer data leakage with insiders being accused of security rules violation.
The Pokémon Developer and Well-known Electronic Device Manufacturer are Facing Data Leaks
In today's roundup, we'll discuss how unauthorized access to Game Freak's servers and a ransomware attack on Casio resulted in the leak of a trove of confidential personal and corporate data.
Qatar’s Data Breach Fine & Kenya’s Move Toward Digital Inclusion
In this week’s new roundup, we are exploring the details of the data breach that occurred in Qatar and how Africa is making its way to digital safety.
09.10
Blog
(In) Secure Digest: Cyberattack on Dell, Fortinet Cloud Leak, Blackmailing Employee
A roundup of high-profile IS incidents that occurred or came to light last month is here. During September, we witnessed attacks on IS vendors and the leaking of data on millions of Americans.
Data Watchdog Fines Nigerian Banks for Compromising Data
In this review, we examine how Nigerian banks are getting slammed with fines for noncompliance with regulatory requirements.
02.10
Blog
Indonesia’s ID Leak & Link Between Layoffs and Data Breaches
Today, we are here with updates on a data breach investigation from Indonesia and news of an extremely interesting study on the correlation between mass layoffs and increasing data breaches.
From Cyber Stars to Data Scars: Africa's Top Cybersecurity Role Models Shine as Cameroon Faces Major Data Breach
This week’s IS news roundup comes from Africa. Let’s delve into the Global Cybersecurity Index report and see where African countries rank on it, and explore the details of a serious data breach in Cameroon.
Slim CD Breach and Turkish Ministry Data Leak
Here’s the first news roundup of the autumn, where we explore the details of the Slim CD data breach and provide updates on the Turkish Ministry of Health information leak during the pandemic.
Data Security Failures of the Week
In today’s IS news roundup, we will explore the details of the FlightAware and Enzo Biochem cases.
20.08
Blog
Another Day, Another Leak
The past week brought various news about severe data breaches. In this digest, we look at the details of the most significant cases.
15.08
Blog
Malaysia's Information Security Boost and the UK's $9.6 Million Data Blunder
Today we will explore Malaysia’s significant step towards mitigating data leaks and the consequences of a 2022 ransomware attack on a British IT company.
(In) Secure Digest: Stolen Shib Coins, the Disney Villian, and the Leak of Millions of Americans' Data
In this edition: the latest twist in the Snowflake saga, the adventures of robots.txt, and the case of meme-coin theft.
Rising Breach Costs, AI’s Double-Edged Sword, and HealthEquity’s Data Drama
In the last IS news roundup for July, we cover the key findings of IBM and Ponemon's Cost of a Data Breach Report 2024 and share details of the HealthEquity case.
A Turbulent Week for Tech and Travelers
This week's news roundup might not be the most uplifting for those planning a trip. However, it is important to dive deeper into the recent events to ensure you are well-informed before you head to the seaside.
Lulu Data Breach & SOC Future Study
In this week’s digest we are to explore the details of the recent data breach in a major retail company and the key takeaways of the research on SOC future.
17.07
Blog
Roblox Incident & Security Pros’ Fears
Today we are going to talk about the details of the Roblox data breach and the main outcomes of a recent cybersecurity professionals survey.
Insurance Market Shake-Up & Digital Diary Breach
In this week's IS digest, we will delve deeper into the news about a recent incident and explore the outcomes of new research.
(In) Secure Digest: Wiped Out Servers, Phish in Sales, and Summer Leak Season
In our June review, we look at recent information security incidents reported in the media during the first month of summer.
01.07
Blog
Check Out Your Password
In our latest cyber news review, we are going to share with you the key takeaways from recent studies on password management habits and ATO attacks.
(In) Secure Digest: IS specialist changing team, biometrics theft by aggrieved contractors and electronic signature platform hack
We have compiled a monthly roundup of high-profile IS incidents that were reported in May.
A Bunch of Fines for Serious Breaches
In this overview we are reporting on two recent major data leaks, which resulted into loss of troves of data and significant penalties by regulatory authorities.
30.05
Blog
April 2024 Breaks Data Breach Records
In the text below, we will take a closer look at a couple of the recent cyber incidents.
16.05
Blog
(In) Secure Digest: the Unprotected Server, the Marine Data Leak and a Supply Chain Attack
In May's edition, we'll reveal: the case of an unscrupulous medical company; accidental data leak caused by the SaaS vendor; consequences of the India's largest electronics manufacturer negligence.
(In) Secure Digest: if There was Darwin Awards in 2024
In April, we traditionally ask our Leading Analyst Sergio Bertoni to share his selection of funny, ridiculous and silly IS incidents.
(In)Secure Digest: Mega Leaks, Deepfakes Calls and Ransomware Attack
In our traditional monthly digest, we've gathered a bunch of recent information security incidents.
(In) Secure Post New Year Digest: a Surprise Email, an Accidental Leak, Work on Mistakes
The time has come to reveal, what happened while we were on New Year's holidays.
01.02
Blog
Travel Agency and COVID-19 Testing Platform Exposed Client Data
In this article you’ll find details on two notifiable information security incidents.
19.01
Blog
Information Security Trends 2024
Sergio Bertoni, Lead Analyst at SearchInform, shares his thoughts and predictions on the key trends in information security for the year 2024.
Unexpected Findings With the Help of FileAuditor Part 2
The second task of the self-test was to check whether user access rights were distributed appropriately and eliminate violations (in case of detection).
Unexpected Findings With the Help of DCAP Solution, or how did we Performed Audit of our File System Part 1
Today we decided to reveal a few illustrative cases of how we performed audit of our own file storages and share that the statistics, provided by clients, isn’t an exaggeration.
Two Recent Information Security Incidents Resulted Into Exposure of Customer Data
Here's another roundup of the latest information security incidents you need to know about today.
Popular Messenger Users’ Data Leaked and Students' Personal Information Exposed
It's time for us to once again report on two recent notable data leaks again.
(In)Secure Digest: The Case of Classic Phishing Attack, Scammers Among the Team and the Dangerous Vulnerability
In this November digest we gathered interesting and illustrative incidents related to data leaks, fraud and hacks.
Online Casino Leaked Data and Marketing Agency Fined for Last Year's Incident
Today we report on two more recent information security incidents.
Exposure of Data on Popular Singapore Hotel Group Clients and French Torrent Tracker Users’ Personal Details Compromise
Today we invite you to examine two recent major data leaks, exposing the details on hundreds of thousands of individuals.
(In)Secure Digest: a Leak via Contractor, Hack of Airline and Case of Corporate Fraud
At the end of the month, traditionally, we’ve gathered a selection of high-profile IS incidents.
Casio and Redcliffe Labs Data Leaks Expose Customer Information
Today, let's examine the incidents those resulted in the disclosure of customer information at two large companies.
Film Festival Website Leak and Data Theft by Former Employee
Once again, we've rounded up two information security incidents worth knowing about with a short report to keep you informed.
Tax Details of the Wealthiest Americans Leaked and Billions of Passwords Exposed
We've rounded up two data leakages in the new report on recent data related incidents.
(In)Secure Digest: Pizza Lovers' Data Theft, a Million-dollar Fine and Aircraft Suppliers’ Data Leak
It's time for the traditional monthly review of "classic" and non-trivial IS incidents reported by the media.
38TB Private Data Leak and $9,000 Fine for 7 Years of Customer Data Exposure
In a new roundup of recent information security incidents, we examine two more cases of inadvertent disclosure of private information.
A Case in Point: Set a Search Rule to Catch a Thief
It's time to present a compelling case study that underscores the criticality of maintaining comprehensive visibility into your organization's file system.
15.09
Blog
Leaked personal data of more than 500,000 employees and an unprotected 4GB database
Today you will learn about the data leak of over 500,000 employees from a major clothing retailer and the 4GB open database from a popular digital publisher.
(In)Secure digest: “shadowy” Amazon, de-anonymization of Northern Ireland police officers and pseudo-hackers
In our traditional (in)Secure digest we’ve gathered news on the recent leaks.
Two recent incidents involving inadvertent personal data exposure
In our new report on recent information security incidents, we examine two cases of inadvertent disclosure of personal data.
Two recent insider incidents: Tesla and Jefferson Health affected
It's time for another roundup of recent information security incidents. Today we're going to reveal details of the Tesla insider incident and the alleged patient data compromise at Jefferson Health.
The revenge of a bank employee and a fine of 74,400 dollars for a human error
Today, we're going to examine two recent data leak incidents caused by employees.
The number of victims of the MOVEit vulnerability continues to grow: two recent major data leakages
Today, we are going to report on two recent data leakages caused by the well-known MOVEit Transfer attack.
Bunch of new personal data leak incidents: police officers and hospital patients affected
In this report we reveal details on the recent major data related incidents: exposure of hospital patients’ and police officers’ personal data.
(In)Secure Digest: a patented data leak, Bangladeshi open register and water treatment plant hack
The time has come to find out if July was full with information security incidents. In our traditional digest we've gathered the most memorable incidents.
Exposure of 61,000 private addresses and one more email error
This week we will look at two incidents that have affected thousands of people by exposing their personal information.
(In)Secure Digest: theft of national secrets, a rogue VPN, and a fine for security guards' curiosity
Here's our monthly roundup of noteworthy information security incidents from June.
Inadvertent disclosure of personal information
The Public Appointments Service accidentally leaked the personal data of 15,471 candidates for public jobs.
One more victim of MOVEit application vulnerability and exposure of data on 260,000 car owners
Learn more about two recent data incidents, which affected Toyota and Prudential subsidiaries' clients.
15.06
Blog
Major data incidents and large penalty for data privacy violation
Learn more about a few recent major data related incidents.
(In)secure digest: data leaks with mileage, refuse to use AI and hack of an account
The time has come for our traditional gather of so-called classic and extraordinary information security incidents, which were reported by mass media.
Recent data privacy incidents
A data leak and massive phishing attack on social network users.
Leak and misuse of clients’ personal data
Details on a few incident related to violation of clients’ privacy.
A new portion of fines for inadequate data protection
Details on a few cases when companies, which failed to implement adequate data protection were fined.
PCI certification
PCI DSS and PCI Certification: All You Need to Know
A bunch of data leak incidents has hit large enterprises
A few large companies and organizations has recenly experienced data related incidents.
Australian companies have experienced large data privacy incidents
Australian large company Latitude Financial, involved in the financial industry and IP firm IPH have experienced data privacy incidents.
Large retailer employees’ data leaked
WHSmith, British retailer has experienced an incident, which led to employees’ personal data leak.
07.03
Blog
(In)secure digest: enormous data leaks and insider’s revelations
The time has come to discuss major data realted incidents, which happened in February.
A famous video game publisher has recently experienced an alleged data related incident
An unidentified intruder has exposed Activision employees’ data. Overall, nearly 20.000 recordings were made publicly available.
AI media manipulation service has leaked large trove of users’ data
AI photo editor Cutout.pro users’ data was leaked. Overall, 9 GB of generated pictures and other data was exposed.
21.02
Blog
Fizzy giant manufacturer experienced a data related incident
Pepsi Bottling Ventures LLC data was illicitly obtained and extracted because of deployment of info stealer malware.
Data privacy incident in the healthcare sector
Details on a cybersecurity incident in the healthcare sector became publicly known recently.
An alleged massive data leak affected fashion retailer's customers
Clients' data was probably stolen in a data privacy incident
02.02
Blog
Sportswear manufacturer clients' personal data has been allegedly leaked
Puma clients' personal data has been exposed.
Details on some data related incidents were disclosed recently
A brief overview of two December data-related incidents
Private Belgian bank experienced an insider incident
The serious data related incident happened with the Degroof Petercam.
Large fines are imposed on game developer for data related incidents
The Epic Games, developer of Fortnite videogame is fined $520 million.
23.12
Blog
Notifiable Privacy Breaches
What is required to do if a data breach incident somehow takes place?
22.11
Blog
Booz Allen Hamilton Holding Corporation experienced a data breach
Due to insider's actions some personally identifiable information was exposed in a recent incident.
in(Secure) digest: stellar social engineering, exposed servers and giants under attacks
The most resonant information security incidents in our October digest.
01.11
Blog
Healthcare Cyber Attacks
What makes healthcare organizations a popular target for cyber attacks?
Leaked Credit Card
The most significant cases.
19.10
Blog
Car manufacturer clients' data exposure incident
An inappropriate method of code storage has resulted into a data exposure incident
Cybersecurity Threats and Issues 2022
Records and trends in cybersecurity.
Examples of Cybercrime Cases
What is cybercrime and examples of a few biggest cybercrimes
Сryptocurrency insider incident and “the great data exfiltration”
An insider case in cryptocurrency sphere and "The great data exfiltration"
Biggest Corporate Frauds
An overview of some biggest cases of corporate frauds in history.
(In)secure digest: the smell of data leaks, deep fake in the Zoom and an option of becoming the nobility member for only €1000
In August many employees are still on a vacation, however, this doesn’t refer to fraudsters, judicial and law enforcement system representatives.
Onetwotrip ticket booking system users’ data leak
Onetwotrip clients' data leaked
24.08
Blog
The ugly in the realm of beautiful, two new personal data leaks’ details revealed
Detail of two more data leaks revealed
(In)secure digest: lawsuit for leaks, insidious phishing and record leak of personal data
The time has come to discuss if July was full with cyber incidents.
Significant fines are imposed due to information security incidents
Recently, plenty of news on fines imposed due to information security incidents have been published. Let’s have a look at a few significant cases, which took place lately.
25.07
Blog
Confidential documents and personal data leaked due to an insider activities
Central Florida construction firm has recently experienced a data breach. An employee stole a massive of confidential data just before resignation.
The infamous data leak of Chinese citizens’ personal data
Details of one of the biggest data leak ever.
Razer data breach case: a claim against IT solution provider is filled
Due to a security misconfiguration by third-party IT-solution provider, Razer's client's data was at a stake of being exposed.
Sensitive Data Of Colorado Springs Utilities Clients Leaked
Colorado Springs Utilities notified their customers via email that sensitive data was obtained by an “unauthorized party”. The problem appeared to be on a subcontractor side. The name of the company remains unrevealed due to “security reasons”.
Exposure of 23 million users’ data
Due to the dangerous misconfiguration of a third-party database owner, personal data of 23 million users was exposed.
Another personal data leak CafePress clients affected this time
CafePress got its consumers’ sensitive personal data, including Social Security numbers, exposed. The claim against Residual Pumpkin Entity, former owner of CafePress and PlanetArt, current owner of CafePress was filled by the Federal Trade Commission. The main issue of the claim is that the organization had failed to ensure safety of client’s personal data (including Social Security numbers), and covered up the data breach.
Another data leak in the healthcare sphere
Choice Health Insurance database leak, caused by human error took place recently.
More than 60% of companies affirmed breach experience in last year
Internal risks are still underestimated.
The new post-quantum cryptography standards are to be announced soon
New era in post-quantum cryptography standards.
According to Bloomberg, in the middle of 2021 Apple, Meta and Discord staff sent hackers their clients’ data
Users' personal data was sent hackers by mistake.
Vestas got its personal data affected
The data has allegedly been shared with third parties.
French public transport company tackles a major data breach
RATP data has been exposed via an unprotected server.
Government employee helped violators to access data
Otario immunisation system has launched investigation and found an insider.
When your sellers obtain your data
Amazon program was misused by its sellers, and data was intended for rankings boosting. California Pizza Kitchen announces a data employee breach.
19.11
Blog
Oregon state failed to ensure employees' privacy
And seemingly made it deliberately, at least according to the plaintiffs.
Throckmorton Country Memorial Hospital and Marten Transport face data breach
The recent news might be another case to add to the list of ransomware notches
How to tell the difference between a phishing email and a real one?
Don't become a phisher’s target, it's avoidable.
When a hack might be not such a bad thing
…where the bad and the good are twisted.
Bangkok Air dashes the ransom offer aside
The popular airline has declined the gang's demand
Data breach cost rises in South Africa, ransomware incidents grow in Australia
Ransomware-related data breaches rose by 24%, the cost of a breach - by 15%.
Signal replaces WhatsApp?
The most popular messenger has recently announced an update which made users question its necessity
Ex-employee takes data to a new job
SoftBank former employee took data to another company, whereas a Canadian firm Aurora Cannabis informed its staffers about breached personal data on the last day of the year.
2020 infosec in pictures
You've been with us all this year and you remember all 2020 news we've shared with you. Let's smile and frown at it together!
Ledger hardware wallet breach echoes with phishing
The investigation into the Ledger compromised security case was launched after the data breach which dates back to June 25, 2020.
Booking.com, Agoda, Expedia Group, Hotels.com customer data impacted
Another misconfigured Amazon Web Services (AWS) S3 bucket
Law firm exposes Google staffers' data
Form I-9 files comprising personal data got breached.
British Airways has been charged £20 million
British Airways have been charged £20 million instead of paying £183 million – the initial fine imposed by the Information Commissioner’s Office.
620 Maltese citizens have filed a claim
The company is reported to have breached GDPR.
Rights and wrongs when creating profile
How can you analyse employee personality and steer clear of breaching privacy?
The biggest GDPR fine in Germany
H&M will be charged €35.3 million – penalty imposed by the Data Protection Authority of Hamburg.
No ransom paid - no data saved
Personal data of students and employees got leaked.
Student data breach at the Warsaw University of Life Sciences
BYOD might face some critics, as usage of personal devices led to a data breach.
What is confidential information and how does it affect your finances?
There is an edifying example, which proves common knowledge that there is many a slip ‘twixt cup and lip.
$3.86 million is an average expense when dealing with a data breach
500 organisations which experienced data breaches were studied during the survey.
Use case: file cleanup
In order to transform disorganized data into valuable insights you certainly need a powerful tool, which will assist you in file analysis ensuring frequent information verification.
Key features of employee monitoring software
Are you sure that your employees do not goof off? Are you sure your employees are not idling away precious hours of productivity they rather spend on work-related tasks?
Healthcare app, college students' data and other leaks
Patient details, telecom user data, low security level at a university - data breaches have already become frequent in the healthcare, telecom and education sectors.
Compliance
Regulatory internet data laws you should be aware of and maintain compliance with
Businesses’ role in cyber security and threat prevention
The financial service company sector is targeted more than any other industry, as attacks against them account for over a quarter of cyberattacks.
20.07
Blog
Dutch authority charges under GDPR
Dutch Data Protection Authority charges Dutch Credit Registration Bureau €830,000.
How to comply with the Bill effectively?
The Personal Data Protection Bill has been developed for three years already and requires attention to the issue of efficient compliance.
BMW and other car owners got their data breached
UK car owners got their data compromised. About half of a million car owners got their data exposed, the individuals including BMW, Hyundai, SEAT, Mercedes and Honda owners.
06.07
Blog
UniCredit is fined by Garante
The Italian Data Protection Authority, also known as “Garante” (Garante per la protezione dei dati personali) has imposed a fine on UniCredit institution.
A vulnerability in a WordPress plugin
Credit card "skimmerware" - can you tell if a virtual transaction is safe?
29.06
Blog
Massive email-targeted incidents only now being resolved
Ransomware scammers have enough time and dark web - enough space till launched investigations get carried out.
26.06
Blog
User data up for sale on the dark web
Pakistan and Indonesia got the data of patients and mobile users offered for a considerable sum
Tait Towers Manufacturing data compromised
The data breach has recently been announced by the gear provider
To be applied... New apps, new laws
Will the privacy limits be reconsidered? Dedigitisation as utopia
Subscribe to get helpful articles and white papers.
We discuss industry trends and give advice on how to deal with data leaks and cyber incidents.
SearchInform products are recognized by
Subscribe to our newsletter and receive a bright and useful tutorial Explaining Information Security in 4 steps!
Subscribe to our newsletter and receive case studies in comics!