data breach

Data breach at Connecticut’s Yale New Haven Health affects over 5 million

A data breach at Connecticut’s largest healthcare system Yale New Haven Health affects more than 5.5 million people, according to a legally required notice with the U.S. government’s health department. Yale New Haven said the March cyberattack allowed malicious hackers to obtain copies of patients’ personally identifiable information and some healthcare-related data.  Per a notice

Data breach at Connecticut’s Yale New Haven Health affects over 5 million Read More »

Blue Shield of California shared the private health data of millions with Google for years

Health insurance giant Blue Shield of California is notifying millions of people of a data breach. The company confirmed on Wednesday that it had been sharing patients’ private health information with tech and advertising giant Google since 2021. The insurer said that the data sharing stopped in January 2024, but it only learned this February

Blue Shield of California shared the private health data of millions with Google for years Read More »

Marks & Spencer confirms cybersecurity incident amid ongoing disruption

Retail giant Marks & Spencer has confirmed a cybersecurity incident, as customers report ongoing disruption and outages. The British-headquartered retailer on Tuesday told customers in a notice, which TechCrunch has seen, that the company has been “managing a cyber incident” over the last few days. The notice, signed by chief executive Stuart Machin, said it

Marks & Spencer confirms cybersecurity incident amid ongoing disruption Read More »

Florida draft law mandating encryption backdoors for social media accounts billed ‘dangerous and dumb’

A Florida draft bill that would require social media companies to provide encryption backdoors for law enforcement officials to access user accounts has cleared a key legislative hurdle and will now advance to the state’s Senate floor for a vote. Florida lawmakers unanimously approved pushing the bill through committee, per Florida Politics.  The “Social Media

Florida draft law mandating encryption backdoors for social media accounts billed ‘dangerous and dumb’ Read More »

Hertz says customers’ personal data and driver’s licenses stolen in data breach

Car rental giant Hertz has begun notifying its customers of a data breach that included their personal information and driver’s licenses. The rental company, which also owns the Dollar and Thrifty brands, said in notices on its website that the breach relates to a cyberattack on one of its vendors between October 2024 and December

Hertz says customers’ personal data and driver’s licenses stolen in data breach Read More »

Oracle under fire for its handling of separate security incidents

Tech giant Oracle is facing criticism for how it’s handling two seemingly separate data breaches.  At least one of the incidents appears to still be unfolding, despite Oracle reportedly denying a breach at all. The other relates to a breach of patient data under the tech giant’s healthcare subsidiary, Oracle Health. Oracle did not respond

Oracle under fire for its handling of separate security incidents Read More »

API testing firm APIsec exposed customer data during security lapse

API testing firm APIsec has confirmed it secured an exposed internal database containing customer data, which was connected to the internet for several days without a password. The exposed APIsec database stored records dating back to 2018, including names and email addresses of its customers’ employees and users, as well as details about the security

API testing firm APIsec exposed customer data during security lapse Read More »

NHS vendor Advanced to pay £3M fine following 2022 ransomware attack

NHS vendor Advanced will pay just over £3 million ($3.8 million) in fines for not implementing basic security measures before it suffered a ransomware attack in 2022, the U.K.’s data protection regulator has confirmed.  It’s half the fine that the Information Commissioner’s Office had initially sought in August 2024, when the data watchdog said it

NHS vendor Advanced to pay £3M fine following 2022 ransomware attack Read More »