In a breach notification letter posted online, General Electric (GE) said one of their service providers Canon Business Process Services experienced a data breach last month. The breach exposed certain personal data on past and present GE employees, as well as their beneficiaries.
Walgreens has disclosed that a flaw in the personal secure messaging feature of its mobile app allowed unauthorized access to personal data stored in a Walgreens database. The company also said the issue did not impact financial data and affected a small number of customers.
Equifax Inc. has agreed to sign a settlement with the FTC to pay at least $575 million, and potentially up to $700 million, related to the massive data breach in 2017 that impacted nearly 147 million people.
A former Chief Information Officer (CIO) of Equifax had been sentenced to federal prison for insider trading.
Quest Diagnostics has confirmed an unauthorized user gained access to a third party billing service system to potentially access personal data on nearly 12 million patients.
Washington State legislators passed a new Data Breach bill, HB 1071, that strengthens data breach notification laws. The new law now includes the expansion of the definition of personal information and also reduces the breach notification deadline.
Cybercrime investigative journalist Brian Krebs reports the Indian IT outsourcing and consulting company Wipro has been hacked. Multiple sources had informed Krebs that attackers breached Wipro's internal IT systems and then used those systems to then launch attacks against Wipro's customers.
Citrix warned it was a victim of a cyberattack whereby hackers gained unauthorized access to large amounts of internal data. The company is actively cooperating with the FBI and have launched a forensics investigation into the breach.
Popular WordPress plugin maker WPML said their website was hacked over the weekend and led to the loss of customer data. The culprit was an ex-employee who exploited a backdoor planted on an unsecured web server.
A massive data leak from an ElasticSearch server has exposed information on over 108 million bets, as well as personal information, deposits and withdrawals. The server was not configured with any password or authentication required to protect the data.