Image of a keyboard.

2 min read

Root cause of Salesforce breaches traced to OAuth token theft

A coordinated cyberattack exploited OAuth tokens linked to Salesforce, exposing hundreds of companies to data compromise.

Read More
Image of a computer open to Google.

2 min read

Google confirms fake law enforcement account created in data request system

A threat group’s claims led Google to confirm that its Law Enforcement Request System had been misused, though no data was compromised.

Read More
Image of a hospital entrance.

2 min read

Morris Hospital reaches $1.36M settlement in 2023 data breach lawsuit

Patients and employees affected by a 2023 ransomware attack can now claim compensation or credit monitoring as part of a court-approved settlement.

Read More
Image of an email icon over a keyboard.

2 min read

APT28 deploys “NotDoor” malware via Outlook in NATO-targeted espionage campaign

A newly discovered Outlook backdoor is being used by Russian hackers to quietly exfiltrate data and run commands in high-profile cyber-espionage...

Read More
digital law icon

2 min read

Regulators crack down on non-HIPAA health data practices

New enforcement trends are expanding how courts and regulators police sensitive health data outside HIPAA’s reach.

Read More
Image of a hooded figure.

2 min read

North Korean hackers pose as recruiters in global attacks

A new campaign by North Korean state-backed hackers has compromised hundreds of professionals by impersonating recruiters on platforms like Slack.

Read More
Image of a downtown area in North Korea.

2 min read

US sanctions North Korean IT network aiding weapons program

New sanctions target individuals and companies facilitating illicit IT worker schemes linked to North Korea.

Read More
digital money sign

2 min read

Adena Health to pay $17.8M over patient data sharing via tracking pixels

The Ohio-based nonprofit will settle claims that it unlawfully shared sensitive health data with third parties through embedded website tools.

Read More
hhs logo

1 min read

HHS updates HIPAA security risk assessment tool

A new version of the SRA Tool aims to improve HIPAA compliance and reduce common risk assessment failures.

Read More
floating digital icons

2 min read

Google fined €325M for inserting ads in Gmail, misusing cookies in France

The CNIL has penalized Google for advertising practices in Gmail and cookie consent violations impacting over 74 million users in France.

Read More
cvs health

2 min read

CVS Health under HIPAA investigation over patient data in political campaign

Federal lawmakers are probing whether CVS Health misused patient data to oppose state legislation that threatened its business operations in...

Read More
grey blurry digital lock

1 min read

Twin Cities Pain Clinic email breach may have exposed patient data

A recent business email compromise at Twin Cities Pain Clinic has triggered a data breach investigation and credit monitoring offer.

Read More
floating people icons over keyboard

1 min read

Florida pediatric ENT breach exposes data of 43,446 patients

A cyberattack at Pediatric Otolaryngology Head & Neck Surgery Associates has compromised sensitive personal and health information of tens of...

Read More