From IT-Online: IBM Security’s newly-released annual Cost of a Data Breach Report says that the global average cost of a data breach reached $4,45-million in 2023 – an all-time high for the report and a 15% increase over the last three years. Detection and escalation costs jumped 42% over this same time frame, representing the…
Author: Dissent
Norway says Ivanti zero-day was used to hack govt IT systems
Sergiu Gatlan reports: The Norwegian National Security Authority (NSM) has confirmed that attackers used a zero-day vulnerability in Ivanti’s Endpoint Manager Mobile (EPMM) solution to breach a software platform used by 12 ministries in the country. The Norwegian Security and Service Organization (DSS) said on Monday that the cyberattack did not affect Norway’s Prime Minister’s Office, the…
In SEC Battle, Covington Ordered to Disclose Names of 7 Clients
Abigail Adcox reports: U.S. District Judge Amit Mehta of the District of Columbia has ruled that Covington & Burling must disclose to the U.S. Securities and Exchange Commission the names of seven clients whose information may have been exposed in a 2020 cyberattack that impacted the firm. “Covington shall produce to the Commission the names…
Company Bought by Experian Needn’t Report Pre-Sale Data Breach
Christopher Brown reports: Court Ventures Inc. properly beat a suit alleging it failed to notify victims of a security breach that it became aware of only after its sale to Experian Data Corp., a California appellate court ruled. Former owners of computerized data containing personal information aren’t required to provide notice of a breach under the…
Law Firm Hack Affects Victims of an Earlier Breach Again
Marianne Kolbasuk McGee reports: A global law firm is notifying nearly 153,000 individuals of a hacking incident that compromised several client files. The files contained sensitive personal information and affects vision care patients who had been victims of a breach three years ago. Orrick, Herrington & Sutcliffe on July 20 reported the data breach to…
Umbreon Unplugged: Unraveling the Sequel to Failures
On June 23, DataBreaches published the first of a series of interviews with Pepijn Van der S. aka “Umbreon.” Umbreon, 21, was arrested in January and remains in detention, awaiting trial on charges that include hacking, data exfiltration, extortion, sale of stolen data, and money laundering. At the end of the first article, DataBreaches invited…