Breaches


  • bank of america flag waving in Charlotte
    Image attribution tooltip
    Davis Turner/Stringer via Getty Images
    Image attribution tooltip

    Bank of America customer data exposed in IT provider breach

    Infosys McCamish Systems, which works closely with the lender, was impacted by the cybersecurity incident in November that exposed customer Social Security numbers and other account information.

    By Rajashree Chakravarty , Feb. 13, 2024
  • A picture of the exterior of the US Department of Health and Human Services. In front of the building is a black sign designating the building's name.
    Image attribution tooltip
    Alex Wong via Getty Images
    Image attribution tooltip

    HHS settles cybersecurity investigation with Montefiore Medical Center

    The nonprofit will pay $4.75 million to settle allegations that data security failures allowed an employee to steal and sell the protected health information of thousands of patients.

    By Emily Olsen • Feb. 8, 2024
  • An illustration of three cartoon people in suits adding files to the cloud, shown through clouds and a computer. Explore the Trendline
    Image attribution tooltip
    TCmake_photo via Getty Images
    Image attribution tooltip
    Trendline

    Securing the cloud

    The ubiquity of the cloud has left security gaps for organizations, leaving them to navigate a complex vendor landscape and defend their technology supply chain

    By Cybersecurity Dive staff
  • Coin stack on international banknotes with house model on table.
    Image attribution tooltip
    Zephyr18 via Getty Images
    Image attribution tooltip

    Mortgage industry attack spree punctuates common errors

    Attacks against Mr. Cooper Group, Fidelity National Financial, First American Financial and loanDepot impacted operations and put customers in a bind.

    By Feb. 6, 2024
  • A group of workers at an office desk.
    Image attribution tooltip
    Skynesher via Getty Images
    Image attribution tooltip

    AnyDesk initiates extensive credentials reset following cyberattack

    The widely used remote access tool revoked all passwords to its web portal as researchers warn about potential theft of AnyDesk’s code signing certificate.

    By Feb. 5, 2024
  • Cloudflare's global network
    Image attribution tooltip
    Courtesy of Cloudflare
    Image attribution tooltip

    Cloudflare hit by follow-on attack from previous Okta breach

    A threat actor that previously intruded Cloudflare’s network through its Okta environment regained access with mistakenly unrotated credentials.

    By Feb. 2, 2024
  • Interior of Progress Software's office in Rotterdam, Netherlands.
    Image attribution tooltip
    Retrieved from Progress Software on January 18, 2024
    Image attribution tooltip

    MOVEit liabilities mount for Progress Software

    The company revealed multiple government investigations are underway into the MOVEit vulnerability. It’s also party to more than 100 class-action lawsuits.

    By Jan. 30, 2024
  • Schneider Electric hit by ransomware attack against its sustainability business division

    Cactus ransomware reportedly claimed credit for the mid-January attack, and the company unit hopes to restore operations in the next couple of days.

    By Jan. 30, 2024
  • Front of Hewlett Packard Enterprise's campus in Houston.
    Image attribution tooltip
    Courtesy of HPE
    Image attribution tooltip

    HPE hit by a monthslong cyberattack on its cloud-based email

    The attack by Midnight Blizzard, the group that recently hit Microsoft, stole emails and data from HPE employees in cybersecurity and other business units.

    By Jan. 25, 2024
  • The red lock and its structure explode in a digital computer setting.
    Image attribution tooltip
    TU IS via Getty Images
    Image attribution tooltip

    US data compromises surged to record high in 2023

    Breached organizations are withholding critical information more often than ever, underscoring a trend toward opaque notices, the Identity Theft Resource Center said.

    By Jan. 25, 2024
  • A closeup of a white "Vans" sign, below a red-trimmed window, reflecting a blue-gray sky.
    Image attribution tooltip
    Daphne Howland/Cybersecurity Dive
    Image attribution tooltip

    VF Corp. cyberattack impacted 35.5M consumers

    The North Face and Vans parent company originally reported the incident at the height of the holiday season.

    By Kaarin Vembar • Jan. 23, 2024
  • Empty hospital hallway
    Image attribution tooltip
    FangXiaNuo via Getty Images
    Image attribution tooltip

    The number of patient records exposed in data breaches doubled in 2023

    Though the number of data breaches declined slightly from 2022, more than 116 million records were exposed last year, Fortified Health Security found. 

    By Emily Olsen • Jan. 18, 2024
  • Rendered image depicting global networks.
    Image attribution tooltip
    DKosig via Getty Images
    Image attribution tooltip

    Wealthy countries boast superior cyber defenses

    A nation’s economic prosperity is directly linked to greater defense capabilities, but no country is overachieving in cyber defense, according to SecurityScorecard.

    By Jan. 17, 2024
  • Aerial view of Colorado State University campus.
    Image attribution tooltip
    Retrieved from Colorado State University on January 09, 2024
    Image attribution tooltip
    Deep Dive

    Progress Software’s MOVEit meltdown: uncovering the fallout

    Businesses use the file-transfer service because it checks the compliance boxes for keeping data safe. Though initial attacks were targeted, thousands of bystanding businesses were hit indiscriminately.

    By , Jan. 16, 2024
  • A picture of a glass office building with a brick entrance.
    Image attribution tooltip
    JHVEPhoto via Getty Images
    Image attribution tooltip

    Fidelity National Financial cyberattack impacts up to 1.3M customers

    While data was stolen and the company faces lawsuits, it does not consider the attack material to the business.

    By Jan. 10, 2024
  • The welcome screen for the OpenAI ChatGPT app is displayed on a laptop screen.
    Image attribution tooltip
    Leon Neal via Getty Images
    Image attribution tooltip

    How to ensure data privacy in a ChatGPT world

    CISOs and CIOs have to balance the need to restrict sensitive data from generative AI tools with the need for businesses to use these tools to improve processes and increase productivity. 

    By Sue Poremba • Jan. 9, 2024
  • Purchase agreement with model home
    Image attribution tooltip
    guvendemir via Getty Images
    Image attribution tooltip

    LoanDepot caught in mortgage industry cyberattack spree

    The non-bank mortgage lender is the fourth major real estate industry organization hit by a cyberattack since late October.

    By Jan. 8, 2024
  • Data Breach Button on Computer Keyboard
    Image attribution tooltip
    GOCMEN via Getty Images
    Image attribution tooltip

    Extent of a cyber specialist law firm’s data breach grows

    A two-week long breach exposed a trove of highly sensitive information on Orrick’s clients. The pool of victims quadrupled between its July and December disclosures.

    By Jan. 5, 2024
  • cybersecurity, talent shortage, retention, leadership
    Image attribution tooltip
    Getty Images via Getty Images
    Image attribution tooltip

    Xerox discloses a subsidiary’s breach following ransomware claim of data theft

    Inc, a relatively new threat group, previously claimed to have stolen company data.

    By Jan. 3, 2024
  • Coin stack on international banknotes with house model on table.
    Image attribution tooltip
    Zephyr18 via Getty Images
    Image attribution tooltip

    First American Financial confirms threat actors stole and encrypted data

    The title insurance giant said the cyberattack is contained, but it is still working to determine whether the incident will have a material impact.

    By Updated Jan. 4, 2024
  • cybersecurity cfos evaluate and prioritize data protection
    Image attribution tooltip
    Getty Images via Getty Images
    Image attribution tooltip

    First American Financial takes systems offline after cyber incident

    The incident comes just weeks after the title insurance firm reached a $1 million settlement with New York state financial regulators for a massive 2019 data breach that impacted 885 million customer records.

    By Updated Dec. 27, 2023
  • Image attribution tooltip
    Justin Sullivan via Getty Images
    Image attribution tooltip

    Comcast’s Xfinity discloses massive data breach linked to CitrixBleed vulnerability

    The breach, involving 35.9 million customers, took place just a week after Citrix released a patch for a critical flaw.

    By Dec. 19, 2023
  • A brick building with a sign that says "Henry Schein Inc."
    Image attribution tooltip
    Bruce Bennett via Getty Images
    Image attribution tooltip

    Henry Schein says 29K people affected in September cyberattack

    The ransomware group AlphV/BlackCat claimed responsibility for the data breach and a second incident involving the company.

    By Susan Kelly • Dec. 11, 2023
  • A medical team takes a patient into the isolation ward in the emergency department of a full-service acute hospital facility.
    Image attribution tooltip
    Lisa Maree Williams via Getty Images
    Image attribution tooltip

    Norton Healthcare ransomware attack exposes 2.5M people

    Ransomware attacks are soaring in the healthcare sector, impacting more than 88 million people in the first 10 months of 2023, according to HHS.

    By Dec. 11, 2023
  • Data Breach Button on Computer Keyboard
    Image attribution tooltip
    GOCMEN via Getty Images
    Image attribution tooltip

    Data breaches fallout reach new heights as the number of exposed records soars

    The increased threat to and exposure of personal data is linked to two key factors: a rise in ransomware and attacks against vendors, an MIT study found.

    By Dec. 8, 2023
  • wastewater plant
    Image attribution tooltip
    Permission granted by Eagle Contracting
    Image attribution tooltip

    North Texas water utility the latest suspected industrial ransomware target

    Federal authorities are investigating multiple attacks against water and wastewater treatment facilities in the U.S. following an Iran-linked attack in Pennsylvania.

    By Nov. 30, 2023