Ascension, one of the largest private healthcare companies in the United States, has confirmed that the personal data of some 437,329 patients has been exposed following an attack by cybercriminals. Read more in my article on the Fortra blog.
Category: Data loss
data breach, Data loss, Global Security News, Guest blog, LockBit, Ransomware
LockBit ransomware gang breached, secrets exposed
Oh dear, what a shame, never mind. Read more in my article on the Tripwire State of Security blog.
airline, data breach, Data loss, Defacement, Donald Trump, Global Security News, Guest blog, Law & order
Hackers hit deportation airline GlobalX, leak flight manifests, and leave an unsubtle message for “Donnie” Trump
GlobalX Airlines, a charter airline being used by the US government for deportation flights, has been attacked by hacktivists who have made off with what they claim are detailed flight records and passenger manifests. Read more in my article for the Hot for Security blog.
Co-op, Data loss, Disney, Global Security News, Law & order, malware, Marks and Spencer, Podcast, Ransomware, Smashing Security
Smashing Security podcast #416: High street hacks, and Disney’s Wingdings woe
Brits face empty shelves and suspended meal deals as cybercriminals hit major high street retailers, and a terminated Disney employee gets revenge with a little help with Wingdings. Plus Graham challenges Carole to a game of “Malware or metal?”, and we wonder just happens when you have sex on top of a piano? All this…
data breach, Data loss, Global Security News, Guest blog, privacy, signal, TeleMessage
TeleMessage, the Signal clone used by US government officials, suffers hack
TeleMessage, an encrypted messaging app based upon Signal, has been temporarily suspended out of “an abundance of caution” after a hacker reportedly gained access to US government communications. Read more in my article on the Hot for Security blog.
Amazon S3, data breach, Data loss, Global Security News, Guest blog, Spyware
21 million employee screenshots leaked in bossware breach blunder
If you thought only your boss was peeking at your work screen, think again. Employee-monitoring tool Work Composer has committed a jaw-dropping blunder, leaving a treasure trove of millions of workplace screenshots openly accessible on the internet with no encryption in place, and no password required. Read more in my article on the Hot for…
Data loss, Global Security News, Guest blog, malware, sim swap, South Korea
Hackers access sensitive SIM card data at South Korea’s largest telecoms company
Mobile network operator SK Telecom, which serves approximately 34 million subscribers in South Korea, has confirmed that it suffered a cyber attack earlier this month that saw malware infiltrate its internal systems, and access data related to customers’ SIM cards. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, insurance
Insurance firm Lemonade warns of breach of thousands of driving license numbers
A data breach at insurance firm Lemonade left the details of thousands of drivers’ licenses exposed for 17 months. According to the company, on March 14 2025 Lemonade learnt that a vulnerability in its online car insurance application process contained a vulnerability that was likely to have exposed “certain driver’s license numbers for identifiable individuals.”…
data breach, Data loss, Global Security News, Guest blog, Ransomware
RansomHouse ransomware: what you need to know
RansomHouse is a cybercrime operation that follows a Ransomware-as-a-Service (RaaS) business model, where affiliates (who do not require technical skills of their own) use the ransomware operator’s infrastructure to extort money from victims. Read more in my article on the Fortra blog.
data breach, Data loss, Global Security News, Guest blog, malware, Medusa, NASCAR, North America, Ransomware
Medusa ransomware gang claims to have hacked NASCAR
The Medusa ransomware-as-a-service (RaaS) claims to have compromised the computer systems of NASCAR, the United States’ National Association for Stock Car Auto Racing, and made off with more than 1TB of data. Read more in my article on the Hot for Security blog.
CryptoCurrency, data breach, Data loss, Global Security News, Guest blog, Law & order, phishing, Scattered Spider, sim swap
King Bob pleads guilty to Scattered Spider-linked cryptocurrency thefts from investors
A Florida man, linked to the notorious Scattered Spider hacking gang, has pleaded guilty to charges related to cryptocurrency thefts which have netted hundreds of thousands of dollars. Read more in my article on the Hot for Security blog.
cloud file storage, Cybersecurity, Data loss, Data Security, file backup, Global Security News, Intellectual Property, Security, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X
Corporate Layoffs Put Company IP at Risk
With corporate layoffs and government workforce reductions frequently making headlines, leaders often underestimate the potential for massive data loss and intellectual property liability. The post Corporate Layoffs Put Company IP at Risk appeared first on Security Boulevard.
data breach, Data loss, Global Security News, Guest blog, Healthcare, NHS, Ransomware
£3 million fine for healthcare MSP with sloppy security after it was hit by ransomware attack
A UK firm has been hit by a £3.07 million fine after being hit by a ransomware attack that exposed sensitive data related to almost 80,000 people, and disrupted NHS services. Read more in my article on the Exponential-e blog.
data breach, Data loss, Global Security News, Law & order, malware, Podcast, postal, Ransomware, Smashing Security, snail mail
Smashing Security podcast #408: A gag order backfires, and a snail mail ransom demand
What happens when a healthcare giant’s legal threats ignite a Streisand Effect wildfire… while a ransomware gang appears to ditch the dark web for postage stamps? Find out about this, and more, in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Black Basta, Data loss, Global Security News, Guest blog, malware, Ransomware
Cactus ransomware: what you need to know
Cactus is a ransomware-as-a-service (RaaS) group that encrypts victim’s data and demands a ransom for a decryption key. Read more about it in my article on the Tripwire State of Security blog.
data breach, Data loss, Global Security News, Guest blog, Law & order, malware, North America, phobos, Ransomware
US charges two Russian men in connection with Phobos ransomware operation
Roman Berezhnoy and Egor Nikolaevich Glebov are alleged to have extorted over US $16 million in ransom payments using the Phobos ransomware, impacting over 1000 organisations in the United States. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, Laptop, Law & order, North Korea, remote working, Security threats
US woman faces years in federal prison for running laptop farm for N Korean IT workers
Christian Marie Chapman, of Litchfield Park, Arizona, helped generate over US $17 million for North Korea after over 300 US companies unwittingly hired staff believing them to be US citizens. Read more in my article on the Hot for Security blog.
AI, Artificial Intelligence, data breach, Data loss, Global Security News, Law & order, malware, Podcast, Ransomware, sim swap, Smashing Security, Twitter
Smashing Security podcast #404: Podcast not found
The story of how hackers managed to compromise the US Government’s official SEC Twitter account to boost the price of Bitcoins, AI isn’t helping reduce the rife conspiracy theories inside classrooms, and is the funeral bell tolling for ransomware? All this and more is discussed in the latest edition of the “Smashing Security” podcast by…
data breach, Data loss, Global Security News, Guest blog, Taliban
Secret Taliban records published online after hackers breach computer systems
The Taliban government of Afghanistan is reeling after unidentified hackers successfully carried out a massive cyber attack against its computer systems and published over 50GB of stolen documents and files online. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, law, Ransomware
Data breaches at UK law firms are on the rise, research reveals
British legal professionals have seen a “significant surge” in data breaches, according to new research from NetDocuments, a firm that provides a cloud-based content management platform for the legal sector. Read more in my article on the Tripwire State of Security blog.
ad blocking, Coinbase, data breach, Data loss, Global Security News, malware, Podcast, powerschool, QR code, Ransomware, Smashing Security, VPN
Smashing Security podcast #403: Coinbase crypto heists, QR codes, and ransomware in the classroom
In episode 403 of “Smashing Security” we dive into the mystery of $65 million vanishing from Coinbase users faster than J-Lo slipped into Graham’s DMs, Geoff gives a poor grade for PowerSchool’s security, and Carole takes a curious look at QR codes. All this and more is discussed in the latest edition of the “Smashing…
BlackBerry, Botnet, British Museum, Data loss, Denial of Service, Global Security News, kidnap, Law & order, malware, Operating Systems, Podcast, privacy, Remote access trojan, Smashing Security, Social networks, Spyware
Smashing Security podcast #402: Hackers get hacked, the British Museum IT shutdown, and social media kidnaps
What happens when eager computer enthusiasts unknowingly download a trojanized hacking tool and find themselves on the wrong side of cybersecurity? A former employee’s actions led to chaos and raise urgent questions about the security of cultural treasures. And join us as we explore the alarming trend of social media influencers staging fake kidnappings. All…
data breach, Data loss, Global Security News, Guest blog, law, Law & order, Turkey
Be careful what you say about data leaks in Turkey, new law could mean prison for reporting hacks
The Turkish government is proposing a controversial new cybersecurity law that could make it a criminal act to report on data breaches. But might it stifle journalism and free speech? Read more in my article on the Tripwire State of Security blog.
data breach, Data loss, Global Security News, Guest blog, Hotel
Half a million hotel guests at risk after hackers accessed sensitive data
The personal information of almost half a million people is now in the hands of hackers after a security breach of a company used by some of the world’s best known hotel brands. Read more in my article on the Hot for Security blog.
AI, Apple Safari, data breach, Data loss, Elon Musk, Firefox, Global Security News, Google Chrome, Operating Systems, Podcast, privacy, Smashing Security, surveillance, video game
Smashing Security podcast #400: Hacker games, AI travel surveillance, and 25 years of IoT
The video game Path of Exile 2 suffers a security breach, we explore the issues of using predictive algorithms in travel surveillance systems, and the very worst IoT devices are put on show in Las Vegas. Oh, and has Elon Musk accidentally revealed he cheats at video games? All this and much more is discussed…
data breach, Data loss, Global Security News, Guest blog, malware, Ransomware
Space Bears ransomware: what you need to know
The Space Bears ransomware gang stands out from the crowd by presenting itself better than many legitimate companies, with corporate stock images and a professional-looking leak site. Read more in my article on the Tripwire State of Security blog.
data breach, Data loss, Global Security News, Guest blog, United Nations
United Nations aviation agency hacked, recruitment database plundered
The ICAO, the UN aviation agency tasked with keeping our skies safe, just got hacked… again. This time, a hacker is offering to sell the personal data of 42,000 job applicants. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, Law & order, pii, rydox
Rydox cybercrime marketplace seixed by law enforcement, suspected admins arrested
Rydox, an online marketplace used by cybercriminals to sell hacked personal information and tools to commit fraud, has been seized in an international law enforcement operation and its suspected administrators arrested. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, Krispy Kreme, malware, North America, Ransomware
Doughnut orders disrupted! Krispy Kreme suffers hack attack
Krispy Kreme, the dispenser of delectable doughnuts, says that it suffered a cyber attack at the end of last month which saw its IT systems compromised and has disrupted online orders in parts of the United States. Read more in my article on the Hot for Security blog.
2FA, data breach, Data loss, Global Security News, Instagram, Law & order, Podcast, Smashing Security, Snowflake
Smashing Security podcast #397: Snowflake hackers, and under the influence
A Canadian man is arrested in relation to the Snowflake hacks from earlier this year – after a cybersecurity researcher managed to track his identity, and a cryptocurrency-trading Instagram influencer is in trouble with the law. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham…
AI, data breach, Data loss, Global Security News, Guest blog, Operating Systems, privacy
AI chatbot startup WotNot leaks 346,000 files, including passports and medical records
Wotnot, An Indian AI startup that helps businesses build custom chatbots, has leaked almost 350,000 sensitive files after the data was left unsecured on the web. Read more in my article on the Hot for Security blog.
CryptoCurrency, data breach, Data loss, Global Security News, Guest blog, North Korea
North Korean hackers masquerade as remote IT workers and venture capitalists to steal crypto and secrets
In itslust for stealing cryptocurrency and sensitive information, North Korean hackers are disguising themselves as remote IT workers, recruiters, and even venture capitalists. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, hospital, INC Ransom, malware, Ransomware
No guarantees of payday for ransomware gang that claims to have hacked children’s hospital
What is the point of INC Ransom’s attack on Alder Hey? They are not likely to be paid, and the attack on a children’s hospital only increases the chances that they will one day find their collars felt by law enforcement. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, hospital, malware, NHS, Ransomware
UK hospital, hit by cyberattack, resorts to paper and postpones procedures
A British hospital is grappling with a major cyberattack that has crippled its IT systems and disrupted patient care. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, Microsoft, NHS, Power Pages, privacy
Data leaks from websites built on Microsoft Power Pages, including 1.1 million NHS records
A security researcher has blamed misconfigured implementations of Microsoft Power Pages for a slew of data breaches from web portals – including the leak of 1.1 million NHS employee records. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, privacy
FlipaClip animation app data breach exposes details of almost 900,000 users
Flipaclip, an animation creation app that is particularly popular with youngsters, has exposed the details of over 890,000 users. Read more in my article on the Hot for Security blog.