Jonathan Greig reports: The nation’s top cyber watchdogs urged federal agencies to either remove or upgrade an Ivanti appliance that is no longer being updated and has been exploited in attacks. The technology company updated an advisory on Friday warning that a “limited number of customers” were breached through the exploitation of CVE-2024-8190. The bug was announced…
Category: Business Sector
23andMe settles data breach lawsuit for $30 million
Jonathan Stempel reports: 23andMe will pay $30 million and provide three years of security monitoring to settle a lawsuit accusing the genetics testing company of failing to protect the privacy of 6.9 million customers whose personal information was exposed in a data breach last year. The accord also resolves accusations that 23andMe did not tell…
Fortinet confirms data breach after hacker claims to steal 440GB of files
Lawrence Abrams reports: Cybersecurity giant Fortinet has confirmed it suffered a data breach after a threat actor claimed to steal 440GB of files from the company’s Microsoft Sharepoint server. Fortinet is one of the largest cybersecurity companies in the world, selling secure networking products like firewalls, routers, and VPN devices. The company also offers SIEM,…
Arrest made in NCA investigation into Transport for London cyber attack
A teenager has been arrested in Walsall by the National Crime Agency, as part of the investigation into a cyber security incident affecting Transport for London (TfL). The 17-year-old male was detained on suspicion of Computer Misuse Act offences in relation to the attack, which was launched on TfL on 1 September. The NCA is…
West Virginia law enforcement sues data broker for publishing personal information online
Suzanne Smalley reports: Whitepages is the latest data broker to be sued for allegedly flouting laws barring the publication of home addresses and other personal information belonging to judges, police officers, prosecutors and others in law enforcement. A retired West Virginia police officer filed a class action lawsuit against the company late last month for publishing his…
Microchip Technology confirms data was stolen in cyberattack
Sergiu Gatlan reports: American semiconductor supplier Microchip Technology Incorporated has confirmed that employee information was stolen from systems compromised in an August cyberattack, which was later claimed by the Play ransomware gang. Headquartered in Chandler, Arizona, the chipmaker has around 123,000 customers from multiple industry sectors, including industrial, automotive, consumer, aerospace and defense, communications, and computing…