Joseph J. Lazzarotti writes: Artificial Intelligence (AI) is transforming businesses—automating tasks, powering analytics, and reshaping customer interactions. But like any powerful tool, AI is a double-edged sword. While some adopt AI for protection, attackers are using it to scale and intensify cybercrime. Here’s a high-level discussion at emerging AI-powered cyber risks in 2025—and steps organizations…
Credit Control Corporation data allegedly from 9.1 million consumers listed for sale on forum
A seller on a forum claims to have data on 9.1 million consumers whose personal information is in the hands of a cash recovery and collections firm. Nothing has been confirmed, but they claim an employee of the firm knowingly gave them access. On May 4, 2023, the R&B Corporation of Virginia, a Newport News-based…
Copilot AI Bug Could Leak Sensitive Data via Email Prompts
Rashmi Ramesh reports: A well-phrased email was all an attacker would have needed to trick Microsoft Copilot into handing over sensitive data until the operating system giant patched the vulnerability. The vulnerability in Microsoft 365 Copilot allowed attackers to extract sensitive data through a zero-click prompt injection attack, said researchers from Aim Security. Dubbed “EchoLeak” and tracked…
FTC Provides Guidance on Updated Safeguards Rule
Today, the FTC released Frequently Asked Questions that discuss the requirements of the Safeguards Rule, which was mandated by the Gramm-Leach-Bliley Act, and how it specifically applies to motor vehicle dealers. The FTC is committed to providing certainty to the marketplace and ensuring that it administers its regulations in a manner that minimizes burden to legitimate businesses. To…
Sentara Health terminates remote employees after realizing they couldn’t be sure who was doing the work.
Hiring employees who work remotely can pose additional challenges for security and compliance with regulations. In March, Sentara Health disclosed an incident concern that resulted in the notification of 1,620 patients. They described the concern this way: In December, the Sentara Health’s Lab Services department hired an individual to process lab requisitions. Lab requisitions are…
Hackers Break Into Car Sharing App, 8.4 Million Users Affected
Bogdan Popa reports: Indian company Zoomcar, best known for its car-sharing model that allows customers to rent vehicles from individuals, has recently acknowledged a data breach that exposed the data of 8.4 million users. The NASDAQ-listed firm revealed the hack attack in an SEC 8-K filing, confirming that a threat actor managed to access its systems and…