In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit from a health insurance company whose customer data was posted for sale on the forum in 2023. Conor Brian Fitzpatrick, a.k.a. “Pompompurin,” is slated for resentencing next month…
Category: Data Breaches
credential theft, Cybercrime, Cybersecurity, Data Breaches, data theft, education, extortion, Global Security News, North America, Ransomware, stolen credentials, Threats
PowerSchool customers hit by downstream extortion threats
Five months after education software vendor PowerSchool paid an unnamed threat actor a ransom in exchange for the deletion of sensitive stolen data, some of the company’s customers are now receiving extortion demands. A threat actor, who may or not be the same criminal group behind the attack, has contacted four school district customers of…
Cybercrime, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Data Breaches, edge devices, Exploitation, Exploits, Global Security News, Ransomware, ransomware payments, Research, Threats, Verizon, Verizon Data Breach Investigations Report, Verizon DBIR, zero days
Verizon discovers spike in ransomware and exploited vulnerabilities
Cybercriminals and state-sponsored threat groups exploited vulnerabilities and initiated ransomware attacks with vigor last year, escalating the scope of their impact by hitting more victims and outmaneuvering defenses with speed. The rate of ransomware detected in data breaches jumped 37%, occurring in 44% of the 12,195 data breaches reviewed in Verizon’s 2025 Data Breach Investigations…
Cybersecurity, Data Breaches, Data Privacy, Data Security, Global Security News, identity, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, tokenization
The Urgent Need for Tokenizing Personally Identifiable Information
If we want privacy, trust and resilience in our digital infrastructure, tokenization is no longer optional. It’s essential. The post The Urgent Need for Tokenizing Personally Identifiable Information appeared first on Security Boulevard.
cyber security, Data Breaches, Global Security News, Government, International, News, phishing, Ransomware, Security, small businesses, uk, United Kingdom
UK’s Cyber Crime Down in 2024: Better ‘Cyber Hygiene Among Small Businesses
A UK government survey of 2024 data shows phishing remains the top cyber threat, ransomware cases doubled, and fewer boards include cyber experts despite steady attack rates.
Data Breaches, Data Security, Global Security News, Security Bloggers Network, Threats & Breaches, Top Data Breaches
Top Data Breaches of March 2025
Cyber threats continue to challenge organizations in 2025, and March saw its share of major breaches. From cloud providers to universities, sensitive data was exposed, raising concerns about security gaps… The post Top Data Breaches of March 2025 appeared first on Strobes Security. The post Top Data Breaches of March 2025 appeared first on Security…
credential theft, Cybercrime, Cybersecurity, Data Breaches, Flashpoint, Global Security News, identity, identity theft, Information stealing malware, infostealers, malware, Ransomware, Research, stolen credentials
Infostealers fueled cyberattacks and snagged 2.1B credentials last year
Cybercriminals used information-stealing malware to a devastating effect last year, capturing sensitive data that fueled ransomware, breaches and attacks targeting supply chains and critical infrastructure, according to a new report. Infostealers were used to steal 2.1 billion credentials last year, accounting for nearly two-thirds of 3.2 billion credentials stolen from all organizations, Flashpoint said in a…
Cybersecurity, Data Breaches, Data Security, Global Security News, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Threats
Reading the Data Breach Tea Leaves: Preventing Data Exfiltration Before it Happens
Data exfiltration has traditionally been the end goal among threat actors whether it’s for financial gain, political gain or to simply wreak havoc. The post Reading the Data Breach Tea Leaves: Preventing Data Exfiltration Before it Happens appeared first on Security Boulevard.
Cybersecurity, Data Breaches, Global Security News, Government, insurance, New York, New York Attorney General, New York DFS, Policy, privacy, Technology
New York sues Allstate and subsidiaries for back-to-back data breaches
Allstate and several of the insurance company’s subsidiaries were accused of poor security practices resulting in data breaches in 2020 and 2021 that exposed sensitive data on nearly 200,000 people, the New York State Attorney General office said in a lawsuit filed Monday. National General, an insurance company Allstate acquired for $4 billion in 2021,…
A Little Sunshine, Chris Larsen, Data Breaches, fbi, Global Security News, Karim Toubba, lastpass breach, Nick Bax, Ripple, Taylor Monahan, U.S. Secret Service, ZachXBT
Feds Link $150M Cyberheist to 2022 LastPass Hacks
In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing this week, U.S. federal agents investigating a spectacular $150 million cryptocurrency heist said they had…
breaches, Cybersecurity, Data Breaches, Data Privacy, Data Security, Global Security News, Governance, Risk & Compliance, privacy, Security Awareness, Security Boulevard (Original), security breaches, Social - Facebook, Social - LinkedIn, Social - X
DOGE Access to Personal Information and The Difficulty of Showing Harm in Privacy Litigation
If a company has effective insurance, prevention becomes even less cost-effective. By failing to “value” privacy alone, the system skews in favor of not protecting privacy. The post DOGE Access to Personal Information and The Difficulty of Showing Harm in Privacy Litigation first appeared on Security Boulevard. The post DOGE Access to Personal Information and…
breaches, Cybersecurity, Data Breaches, Data Privacy, Data Security, Global Security News, Governance, Risk & Compliance, privacy, Security Awareness, Security Boulevard (Original), security breaches, Social - Facebook, Social - LinkedIn, Social - X
DOGE Access to Personal Information and The Difficulty of Showing Harm in Privacy Litigation
If a company has effective insurance, prevention becomes even less cost-effective. By failing to “value” privacy alone, the system skews in favor of not protecting privacy. The post DOGE Access to Personal Information and The Difficulty of Showing Harm in Privacy Litigation appeared first on Security Boulevard.
Data Breaches, Data Security, Global Security News, Security Bloggers Network, Threats & Breaches, Top Data Breaches of February 2025
Top Data Breaches of February 2025
February 2025 saw a series of high-impact data breaches affecting industries ranging from healthcare and finance to cloud services and government agencies. These incidents exposed sensitive data, disrupted operations, and… The post Top Data Breaches of February 2025 appeared first on Strobes Security. The post Top Data Breaches of February 2025 first appeared on Security…
AI, Cybersecurity, Data Breaches, Data Security, Featured, Global Security News, News, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight, third party data breaches
Survey: Nearly Half of Data Breaches Involved Third-Party Remote Access
A survey of 1,942 IT and IT security practitioners finds nearly half (47%) work for organizations that have experienced a data breach or cyberattack in the past 12 months that involved a third-party that has access to their network. The post Survey: Nearly Half of Data Breaches Involved Third-Party Remote Access appeared first on Security…
Cybersecurity, Data Breaches, Data Security, Global Security News, Security Bloggers Network, Threats & Breaches
A Comprehensive Look at OSINT
Leveraging Publicly Available Data for Better Security Open Source Intelligence (OSINT) is a term you’ve likely encountered in conversations about cybersecurity, intelligence gathering, and investigative journalism. As our personal and professional lives become increasingly digital, OSINT has become a crucial practice for organizations, law enforcement agencies, and everyday users seeking to stay informed and protected.…
APAC, Australia, Data Breaches, Exploits, Global Security News, Security
Australians Hit With One Cyber Attack Every Second in 2024
Australia saw a record surge in cyber attacks in 2024, with data breaches escalating. Experts warn of rising risks as hackers may exploit AI-driven tactics.
Data Breaches, Donald Trump, Elon Musk, Exploits, FISMA, Global Security News, Government, OPM breach, Policy, Threats, Treasury Department
Cybersecurity, government experts are aghast at security failures in DOGE takeover
As the world’s richest man and his team from the Department of Government Efficiency continue their quest to dismantle federal agencies, cybersecurity experts, good government experts and Democrats are increasingly expressing outrage and alarm, in some cases likening the actions to an ongoing data breach. Elon Musk and employees from DOGE — which is, legally,…
Data Breaches, Data Security, Global Security News, Security Bloggers Network, Threats & Breaches
Top Data Breaches in December 2024
December 2024 wrapped up the year with a chilling reminder of how vulnerable we all are to data breaches. From personal information to corporate secrets, it seemed like no one… The post Top Data Breaches in December 2024 appeared first on Strobes Security. The post Top Data Breaches in December 2024 appeared first on Security…
Cybersecurity, Data Breaches, Data Security, Global Security News, SASE, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Threats & Breaches, zero trust
Shielding Your Storefront: How SASE Protects Retailers in a Digital Age
SASE offers a comprehensive and scalable security solution that protects your data, safeguards your customers and empowers you to thrive in the digital age. The post Shielding Your Storefront: How SASE Protects Retailers in a Digital Age appeared first on Security Boulevard.
abyss0, BreachForums, Data Breaches, Finastra, Global Security News, ke-la.com, Latest Warnings, Ne'er-Do-Well News, The Coming Storm
Fintech Giant Finastra Investigating Data Breach
The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen…
A Little Sunshine, Aleksandr Ermakov, chronopay, Data Breaches, Dmitri Golubov, Global Security News, Helkern, Home Depot breach, Hydra Market, MikeMike, Mikhail Lenin, Mikhail Shefel, Ne'er-Do-Well News, North America, pavel vrublevsky, Peter Vrublevsky, Pharma Wars, Sprut, Sugar ransomware, target breach
An Interview With the Target & Home Depot Hacker
In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Moscow resident Mikhail Shefel, who confirmed using the Rescator identity in a recent interview, also admitted reaching out because he…