Lauren Giella reports: Oklahoma health system Integris Health reached a $30 million settlement in a data breach class action lawsuit that impacted over two million people over two years ago. This agreement settles a class action lawsuit filed in the U.S. District Court for the Western District of Oklahoma that accuses Integris of negligence after…
Gov’t seeks police probe of KT for allegedly obstructing data breach investigation
Yonhap News reports: The Ministry of Science and ICT said Monday it has asked the police to investigate allegations that KT obstructed a government probe into the company’s unauthorized mobile payment breaches. In late August, unauthorized mobile payments worth a combined 240 million won ($168,000) were reported in Seoul and nearby areas after the personal…
Oracle silently fixes zero-day exploit leaked by ShinyHunters
Lawrence Abrams reports: Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group. The flaw was addressed with an out-of-band security update released over the weekend, which Oracle said could be used to access “sensitive resources.” “This…
Capita hit with £14m fine for personal data breach in 2023 cyber attack
The Information Commissioner’s Office has fined Capita plc and Capita Pension Solutions Ltd a combined £14m following a cyber attack in April 2023 which saw hackers gain access to over 6m people’s data. Stroud News & Journal reports: Outsourcing giant Capita has been fined £14 million by the Information Commissioner’s Office (ICO) for failing to…
Obsession with cyber breach notification fuelling costly mistakes
Stephen Withers reports: Regulations such as the General Data Protection Regulation (GDPR) and the Australian Prudential Regulation Authority’s (Apra’s) CPS 230 standard have led organisations to become “really obsessed” with the 72-hour notification window following a data breach, according to Shannon Murphy, global security and risk strategist at Trend Micro. However, this focus means many are still…
Discord blamed a vendor for its data breach — now the vendor says it was ‘not hacked’
Jay Peters reports: 5CA is a customer service support company that works with Discord. Recently, the chat platform said the vendor had been breached as part of a “security incident” where 70,000 government ID photos may have leaked. Now, 5CA says in a post on its website that it was “not hacked.” According to Discord, “this incident impacted a…