MOVEit liabilities mount for Progress Software

The company revealed multiple government investigations are underway into the MOVEit vulnerability. It’s also party to more than 100 class-action lawsuits.

By Matt Kapko • Jan. 30, 2024

Schneider Electric hit by ransomware attack against its sustainability business division

Cactus ransomware reportedly claimed credit for the mid-January attack, and the company unit hopes to restore operations in the next couple of days.

By David Jones • Jan. 30, 2024

Explore the Trendline➔

Securing the cloud

The ubiquity of the cloud has left security gaps for organizations, leaving them to navigate a complex vendor landscape and defend their technology supply chain

By Cybersecurity Dive staff

HPE hit by a monthslong cyberattack on its cloud-based email

The attack by Midnight Blizzard, the group that recently hit Microsoft, stole emails and data from HPE employees in cybersecurity and other business units.

By Matt Kapko • Jan. 25, 2024

US data compromises surged to record high in 2023

Breached organizations are withholding critical information more often than ever, underscoring a trend toward opaque notices, the Identity Theft Resource Center said.

By Matt Kapko • Jan. 25, 2024

VF Corp. cyberattack impacted 35.5M consumers

The North Face and Vans parent company originally reported the incident at the height of the holiday season.

By Kaarin Vembar • Jan. 23, 2024

The number of patient records exposed in data breaches doubled in 2023

Though the number of data breaches declined slightly from 2022, more than 116 million records were exposed last year, Fortified Health Security found. 

By Emily Olsen • Jan. 18, 2024

Wealthy countries boast superior cyber defenses

A nation’s economic prosperity is directly linked to greater defense capabilities, but no country is overachieving in cyber defense, according to SecurityScorecard.

By Matt Kapko • Jan. 17, 2024

Progress Software’s MOVEit meltdown: uncovering the fallout

Businesses use the file-transfer service because it checks the compliance boxes for keeping data safe. Though initial attacks were targeted, thousands of bystanding businesses were hit indiscriminately.

By Matt Kapko , Julia Himmel • Jan. 16, 2024

Fidelity National Financial cyberattack impacts up to 1.3M customers

While data was stolen and the company faces lawsuits, it does not consider the attack material to the business.

By David Jones • Jan. 10, 2024

How to ensure data privacy in a ChatGPT world

CISOs and CIOs have to balance the need to restrict sensitive data from generative AI tools with the need for businesses to use these tools to improve processes and increase productivity. 

By Sue Poremba • Jan. 9, 2024

LoanDepot caught in mortgage industry cyberattack spree

The non-bank mortgage lender is the fourth major real estate industry organization hit by a cyberattack since late October.

By Matt Kapko • Jan. 8, 2024

Extent of a cyber specialist law firm’s data breach grows

A two-week long breach exposed a trove of highly sensitive information on Orrick’s clients. The pool of victims quadrupled between its July and December disclosures.

By Matt Kapko • Jan. 5, 2024

Xerox discloses a subsidiary’s breach following ransomware claim of data theft

Inc, a relatively new threat group, previously claimed to have stolen company data.

By David Jones • Jan. 3, 2024

First American Financial confirms threat actors stole and encrypted data

The title insurance giant said the cyberattack is contained, but it is still working to determine whether the incident will have a material impact.

By David Jones • Updated Jan. 4, 2024

First American Financial takes systems offline after cyber incident

The incident comes just weeks after the title insurance firm reached a $1 million settlement with New York state financial regulators for a massive 2019 data breach that impacted 885 million customer records.

By David Jones • Updated Dec. 27, 2023

Comcast’s Xfinity discloses massive data breach linked to CitrixBleed vulnerability

The breach, involving 35.9 million customers, took place just a week after Citrix released a patch for a critical flaw.

By David Jones • Dec. 19, 2023

Henry Schein says 29K people affected in September cyberattack

The ransomware group AlphV/BlackCat claimed responsibility for the data breach and a second incident involving the company.

By Susan Kelly • Dec. 11, 2023

Norton Healthcare ransomware attack exposes 2.5M people

Ransomware attacks are soaring in the healthcare sector, impacting more than 88 million people in the first 10 months of 2023, according to HHS.

By Matt Kapko • Dec. 11, 2023

Data breaches fallout reach new heights as the number of exposed records soars

The increased threat to and exposure of personal data is linked to two key factors: a rise in ransomware and attacks against vendors, an MIT study found.

By Matt Kapko • Dec. 8, 2023

North Texas water utility the latest suspected industrial ransomware target

Federal authorities are investigating multiple attacks against water and wastewater treatment facilities in the U.S. following an Iran-linked attack in Pennsylvania.

By David Jones • Nov. 30, 2023

MGM CFO expects insurance to cover cyberattack costs

The Las Vegas-based casino and resort operator has pegged the costs of the September cyberattack that temporarily impeded operations at about $100 million. 

By Suman Bhattacharyya • Nov. 29, 2023

All Okta support system customers caught in previously disclosed breach

The single sign-on provider significantly widened the scope of the attack two months after customers first reported suspicious activity on their Okta environments.

By Matt Kapko • Nov. 29, 2023

NY reaches $1M breach settlement with First American Title Insurance

The company exposed millions of documents of non-public customer data, through a vulnerability in a proprietary application.

By David Jones • Nov. 28, 2023

Fidelity National Financial investigating cyberattack that led to service disruption

AlphV/BlackCat claimed responsibility for the attack on the title insurance giant, which is trying to determine whether the attack will have a material impact.

By David Jones • Nov. 27, 2023

Stanley Steemer hack breached data of almost 67K customers

The cleaning company said attackers gained access to its systems nearly a month before the intrusion was discovered in March.

By David Jones • Nov. 17, 2023