Data Breaches


Equifax Has Spent $1.35 Billion on 2017 Data Breach Costs

Equifax has incurred losses of over $1.35bn so far following the devasting 2017 data breach involving the breach of 145 million customers personal financial data. In the attack, hackers exploited a known security vulnerability that Equifax had left unpatched and compromised the personal and financial details of more than half of all Americans and millions on UK consumers. The known Apache Struts 2 flaw which caused this breach was left unpatched for over 2 months after a patch was issued.


Freedom Mobile Exposes Details of Customer Payment Card Data

Canada's fourth largest mobile network operator, Freedom Mobile, announced this week that they have suffered a data breach through a third party service provider. vpnMentor disclosed on Tuesday that its researchers had identified an unprotected database containing information on Freedom Mobile customers, including email addresses, phone numbers, addresses, birth dates, IP addresses, credit scores, unencrypted payment card data with CVV codes, and account details.


Docker Hub Breach: What to Do Now

In an email to customers, Kent Lamb, Director of Docker Support, wrote “During a brief period of unauthorized access to a Docker Hub database, sensitive data from approximately 190,000 accounts may have been exposed (less than 5% of Hub users). Data includes usernames and hashed passwords for a small percentage of these users, as well as Github and Bitbucket tokens for Docker autobuilds.”


Twistlock Recommendations Following Docker Hub Compromise

You’ve probably already read about the compromise of Docker Hub leading to the loss of 190,000 credentials. We’ve had customers ask about what this means and what they should think about. So, a few points to consider: There is no impact to Twistlock – even if you install Twistlock from the internet, you’re pulling from our dedicated, self managed registry, completely separate from Docker Hub.


Fantastic Data Breaches and How to Prevent Them Event

Named in the top 10 world’s most dangerous people alongside Trump & Putin, we are all under attack from Magecart. They attack websites, digital platforms & e-commerce 3rd party supply chains to steal our data, selling it to the highest bidder on the dark web. Our aim is to increase awareness on Magecart attacks, therefore we’ve created an event for Leeds Digital Festival.

Top 5 Open-Source HIDS Systems

The threat landscape has become increasingly diverse and the systems used to attack are more sophisticated than ever before. In 2018, enterprises and organizations of all sizes and across all industries faced serious data breaches (information leaks were experienced by Aadhar —1.1B users; myFitnessPal —150M; Quora—100M; Facebook—29M and many more). One of the biggest victims was Marriot. A single unauthorized access led to the theft of 500M personal identifiable pieces of information.


When Is a Data Breach a Data Breach?

A data breach remains a common headline in the news cycle. A different company, website or social network reports a security issue almost daily. If it feels like using the internet has become a risky endeavor, the feeling is accurate. But what exactly classifies an event as a data breach? The world wide web is littered with different security gaps and vulnerabilities. But that doesn’t mean they have been exposed or attacked yet.