Data Breach

Whirlpool victim of Nefilim ransomware attack

Cybersecurity Attacks, Data Breach, Malware / By Frank Crast / December 28, 2020 December 28, 2020

Home appliance maker Whirlpool has fallen victim to a Nefilim ransomware attack.

DHS warns businesses of risks using Chinese tech and data services

Cybersecurity Articles, Data Breach, Data Privacy, Insider Threats, Regulations & Laws, Security Monitoring, Third-Party Security / By Frank Crast / December 24, 2020 December 24, 2020

The United States Department of Homeland Security (DHS) has published a new advisory warning businesses of the risks using tech and data services linked to the People’s Republic of China (PRC).

CISA: Threat actors behind SolarWinds hack pose ‘grave risk’ (updated)

Cloud Security, Configuration Management, Cybersecurity Attacks, Data Breach, Malware, Security Updates & Patches, Third-Party Security, Vulnerabilities & Exploits / By Frank Crast / December 19, 2020 December 19, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) has warned the recent compromise by threat actors of SolarWinds poses a ‘grave risk’ to critical infrastructure, government and private sector organizations.

Global active exploits against SolarWinds via Sunburst backdoor

Cybersecurity Attacks, Data Breach, Security Updates & Patches, Third-Party Security, Vulnerabilities & Exploits / By Frank Crast / December 14, 2020 December 18, 2020

Cybersecurity experts are warning of major global active exploits against SolarWinds Orion Platform software versions via a Sunburst backdoor and supply chain attack.

FTC releases new video to help keep your small business safe from fraud

Cybersecurity Articles, Cybersecurity Attacks, Data Breach, Data Privacy, Regulations & Laws, Security Monitoring, Small Business Security, Third-Party Security / By Frank Crast / July 14, 2020 July 14, 2020

The Federal Trade Commission (FTC) has released a new video to help keep your small business safe from fraud. This is another video in a series of videos from the FTC Protecting Small Businesses playlist.

GE third party data breach exposes employee personal data

Data Breach, Third-Party Security / By Frank Crast / March 27, 2020 April 5, 2020

In a breach notification letter posted online, General Electric (GE) said one of their service providers Canon Business Process Services experienced a data breach last month. The breach exposed certain personal data on past and present GE employees, as well as their beneficiaries.

Walgreens discloses mobile app data breach

Data Breach, Data Privacy / By Frank Crast / March 2, 2020 March 2, 2020

Walgreens has disclosed that a flaw in the personal secure messaging feature of its mobile app allowed unauthorized access to personal data stored in a Walgreens database. The company also said the issue did not impact financial data and affected a small number of customers.