Breaches


  • wastewater plant
    Image attribution tooltip
    Permission granted by Eagle Contracting
    Image attribution tooltip

    North Texas water utility the latest suspected industrial ransomware target

    Federal authorities are investigating multiple attacks against water and wastewater treatment facilities in the U.S. following an Iran-linked attack in Pennsylvania.

    By Nov. 30, 2023
  • Hotel Exterior
    Image attribution tooltip
    Ethan Miller via Getty Images
    Image attribution tooltip

    MGM CFO expects insurance to cover cyberattack costs

    The Las Vegas-based casino and resort operator has pegged the costs of the September cyberattack that temporarily impeded operations at about $100 million. 

    By Suman Bhattacharyya • Nov. 29, 2023
  • An illustration of three cartoon people in suits adding files to the cloud, shown through clouds and a computer. Explore the Trendline
    Image attribution tooltip
    TCmake_photo via Getty Images
    Image attribution tooltip
    Trendline

    Securing the cloud

    The ubiquity of the cloud has left security gaps for organizations, leaving them to navigate a complex vendor landscape and defend their technology supply chain

    By Cybersecurity Dive staff
  • Okta booth at RSA Conference on April 27, 2023 in San Francisco.
    Image attribution tooltip
    Matt Kapko/Cybersecurity Dive
    Image attribution tooltip

    All Okta support system customers caught in previously disclosed breach

    The single sign-on provider significantly widened the scope of the attack two months after customers first reported suspicious activity on their Okta environments.

    By Nov. 29, 2023
  • Data Breach Button on Computer Keyboard
    Image attribution tooltip
    GOCMEN via Getty Images
    Image attribution tooltip

    NY reaches $1M breach settlement with First American Title Insurance

    The company exposed millions of documents of non-public customer data, through a vulnerability in a proprietary application.

    By Nov. 28, 2023
  • Fidelity National Title Group Portland Office exterior. FNTG is a member of the Fidelity National Financial (NYSE: FNF) family of companies.
    Image attribution tooltip
    hapabapa via Getty Images
    Image attribution tooltip

    Fidelity National Financial investigating cyberattack that led to service disruption

    AlphV/BlackCat claimed responsibility for the attack on the title insurance giant, which is trying to determine whether the attack will have a material impact.

    By Nov. 27, 2023
  • An image of a digital lock is shown
    Image attribution tooltip
    Just_Super via Getty Images
    Image attribution tooltip

    Stanley Steemer hack breached data of almost 67K customers

    The cleaning company said attackers gained access to its systems nearly a month before the intrusion was discovered in March.

    By Nov. 17, 2023
  • A series of yellow folders that depict lines of binary code running between them.
    Image attribution tooltip
    D3Damon via Getty Images
    Image attribution tooltip

    File-transfer services, rich with sensitive data, are under attack

    This year has seen a trio of supply-chain attacks that created turmoil for thousands of corporate victims and their customers.

    By Nov. 14, 2023
  • Portland, Maine
    Image attribution tooltip
    "Portland, Maine" by Me in ME is licensed under CC BY 2.0
    Image attribution tooltip

    For Maine, the MOVEit attack is personal

    With 1.3 million individuals compromised, the level of exposure on an individual basis is one that's representative of a compromise of its entire population.

    By Nov. 10, 2023
  • Exterior of MGM Grand Hotel & Casino in Las Vegas
    Image attribution tooltip
    Ethan Miller via Getty Images
    Image attribution tooltip

    MGM Resorts anticipates no further disruptions from September cyberattack

    The company expects insurance to cover more than $100 million in losses stemming from lost bookings and disruptions at its Las Vegas properties.

    By Nov. 9, 2023
  • Okta booth at RSA Conference on April 27, 2023 in San Francisco.
    Image attribution tooltip
    Matt Kapko/Cybersecurity Dive
    Image attribution tooltip

    5 Okta customers snared in attack on the provider’s support system

    The IAM provider says the attack was most likely linked to a compromised employee’s personal Google account or personal device.

    By Nov. 3, 2023
  • Okta office
    Image attribution tooltip
    Courtesy of Okta
    Image attribution tooltip

    Okta employee data breached in third-party healthcare attack

    An incident at Rightway Healthcare resulted in a breach of sensitive health information of almost 5,000 Okta employees. It’s the latest in a series of security woes for the IAM provider.

    By Nov. 2, 2023
  • Federal Trade Commission
    Image attribution tooltip
    Carol Highsmith. (2005). "The Apex Building" [Photo]. Retrieved from Wikimedia Commons.
    Image attribution tooltip

    Non-bank financial institutions must report data security breaches: FTC

    The amendment to the FTC’s Safeguards Rule requires non-banking financial institutions to disclose data breaches within 30 days.

    By Rajashree Chakravarty • Nov. 2, 2023
  • Okta booth at RSA Conference on April 27, 2023 in San Francisco.
    Image attribution tooltip
    Matt Kapko/Cybersecurity Dive
    Image attribution tooltip

    BeyondTrust, Cloudflare averted Okta attacks thanks to security chops

    With details scant, worries remain about how the attacks might have played out for less security-focused businesses that were impacted.

    By Nov. 1, 2023
  • A Five Guys restaurant is pictured in London, England on May 7, 2020. The company confirmed a data breach last September in a series of consumer notification letters issued Dec. 29, 2022.
    Image attribution tooltip
    Alex Davidson via Getty Images
    Image attribution tooltip

    Five Guys discloses hack of 2 employees’ emails

    The disclosure comes weeks after the company agreed to settle a federal class action suit stemming from a 2022 attack.

    By Oct. 30, 2023
  • Skyline of Philadelphia across the water
    Image attribution tooltip
    Permission granted by Philadelphia Office of Innovation and Technology
    Image attribution tooltip

    Philadelphia discloses email compromise 5 months after initial detection

    An ongoing investigation uncovered a two-month dwell time in the city’s email system that exposed some individuals’ sensitive information.

    By Oct. 26, 2023
  • A photo illustration of LastPass logos on a hard drive disk held in someone's hand.
    Image attribution tooltip
    Leon Neal via Getty Images
    Image attribution tooltip

    LastPass working through ‘systemic’ security overhaul

    “We didn’t just address the issues that were the cause of the breach,” CEO Karim Toubba said. Still, nearly 1 in 10 customers are fleeing the password manager.

    By Oct. 25, 2023
  • Password input field
    Image attribution tooltip
    Getty via Getty Images
    Image attribution tooltip

    1Password caught in Okta breach, impacting employee-facing apps

    The password manager came forward after BeyondTrust and Cloudflare disclosed similar Okta environment breaches. All three victims claim no data was compromised.

    By Oct. 24, 2023
  • Okta booth at RSA Conference on April 27, 2023 in San Francisco.
    Image attribution tooltip
    Matt Kapko/Cybersecurity Dive
    Image attribution tooltip

    Okta attacked again, this time hitting its support system

    A threat actor accessed customer support tickets and files containing sensitive data. Okta declined to say how many customers are impacted.

    By Updated Oct. 23, 2023
  • Brightly colored digital lock with central computer processor and futuristic circuit board.
    Image attribution tooltip
    da-kuk via Getty Images
    Image attribution tooltip

    Almost 42K Cisco IOS XE devices exploited, no patch available

    Security researchers warn the number of infected hosts grew after a critical zero-day vulnerability was found.

    By Oct. 19, 2023
  • Threat actor views data file
    Image attribution tooltip
    iStock / Getty Images Plus via Getty Images
    Image attribution tooltip

    US data compromises hit all-time high

    Supply-chain attacks and zero-day exploits, such as the widespread attacks against the MOVEit file-transfer service, are surging, according to the Identity Theft Resource Center.

    By Oct. 16, 2023
  • An exterior image of a hotel
    Image attribution tooltip
    Robert Mora via Getty Images
    Image attribution tooltip

    Caesars Entertainment says social-engineering attack behind August breach

    In a filing with the Maine attorney general, the gaming company said the attack began in mid-August and impacted tens of thousands of the state's residents.

    By Oct. 9, 2023
  • Hooded person types on computer in a dark room with multiple monitors and cables everywhere.
    Image attribution tooltip
    gorodenkoff via Getty Images
    Image attribution tooltip

    Construction insurer hit in data breach

    Builders Mutual disclosed the hack affected 64,761 individuals, per a filing with the state of Maine.

    By Matthew Thibault • Oct. 6, 2023
  • Bottles of Clorox bleach on a supermarket shelf.
    Image attribution tooltip
    Justin Sullivan via Getty Images
    Image attribution tooltip

    Clorox warns of quarterly loss related to August cyberattack, production delays

    The company expects a significant financial impact stemming from the recent cyberattack, which is reportedly linked to the Scattered Spider threat group.

    By Oct. 5, 2023
  • An exterior image of a hotel
    Image attribution tooltip
    Robert Mora via Getty Images
    Image attribution tooltip

    Caesars Entertainment faces class action lawsuits following rewards database hack

    At least four separate plaintiffs allege the company was negligent for allowing their sensitive personal data to be stolen in a social engineering attack by criminal threat groups. 

    By Sept. 27, 2023
  • Bottles of Clorox bleach on a supermarket shelf.
    Image attribution tooltip
    Justin Sullivan via Getty Images
    Image attribution tooltip

    Clorox warns of product shortages a month after disclosing cyberattack

    The household product maker said the incident damaged IT systems and will have a material effect on its fiscal Q1 performance.

    By Sept. 18, 2023