$300 million has also been stolen from Russian bank accounts.
“There’s so much sophistication now, they are so organised,” Mike Sentonas from Intel Security told news.com.au. “It’s a business, it’s not just a few people, it’s a process.”
Lax security can lead to lawsuits, penalties and higher costs.
According to the Ponemon Institute’s 10th annual Cost of Data Breach Study, the average consolidated total cost of a data breach is now $6.53 million for a U.S. organization, an 11% increase since last year. The study also found that the average cost per lost or stolen record containing sensitive and confidential information rose from $201 in 2014 to $217. These facts alone should encourage every company to tighten its data security policies and capabilities, but there’s more. Key legal and regulatory changes have increased the financial risk to companies with lax data security.
Tasked with protecting consumers from unfair and deceptive business practices, the Federal Trade Commission’s Bureau of Consumer Protection will now launch investigations if it detects risky behavior regarding the security of customer data. No actual injury or breach is required. Companies found to have substandard data security practices may face a variety of penalties. Recently, despite the lack of documented harm to clients, R.T. Jones Capital Equities Management agreed to settle charges that it failed to establish required cybersecurity policies and procedures before a data breach that compromised the personally identifiable information of approximately 100,000 people. The FTC also has the power to investigate discrepancies between a company’s published “terms of use” and how its data is actually stored and shared. Continue reading Strong data security is not optional→
When an organization gets hacked, ideally they’ll realize it promptly and warn their users right away. Take crowdfunding site Patreon, which was hacked on Monday and has already informed the world about the problem. Scottrade, an investment brokerage company, is different, and not in a good way.
The company announced Friday that it suffered a security breach over a period of several months from late 2013 to early 2014, affecting approximately 4.6 million customers. But in a statement, Scottrade said it had no idea that the breach had occurred until law enforcement officials told them about it. Continue reading Scottrade didn’t know about data breach until feds showed up.→
Pirate Bay cofounder Gottfrid Svartholm Warg has been released from prison in Sweden following three years behind bars, we’re told.
Svartholm Warg, who went by the online handle Anakata, was sent down in Sweden and Denmark for various computer hacking offenses. He is best known, however, for cofounding the famed Pirate Bay torrent search website.
Security researchers have discovered a new malware program that infects automated teller machines (ATMs) and allows attackers to extract cash on command.
The program is dubbed GreenDispenser and was detected in Mexico. However, it’s only a matter of time until similar attacks are adopted by cybercriminals in other countries, researchers from security firm Proofpoint said in a blog post. Continue reading New malware infects ATMs, dispenses cash on command.→
Credentials for more than 225,000 Apple accounts have been stolen by sophisticated malware that targets modified iOS devices, according to Palo Alto Networks.
Russian-speaking hackers have breached 97 websites, mostly dating-related, and stolen login credentials, putting hundreds of thousands of users at risk.
Carphone Warehouse customers are asking why the company took three days to inform them of a data breach that may have compromised the personal details of up to 2.4 million people.
Users took to Twitter to vent their frustration that customers were not immediately made aware when the breach was first discovered on Wednesday.
“How timely of carphone warehouse to delay announcement of hacking to weekend when banking services are most difficult to contact,” Menna Flavell tweeted.
No doubt, there are several similarities to these data-breach headlines. The sophistication of these cyber attackers and the lack of an adequate cyberdefense are common themes in these stories.
But there is one overriding theme. I call this new trend: “Hacking for a cause.”
