New York proposes ‘nation-leading’ hospital cybersecurity regulations

The rules, which would require facilities to develop response plans and hire a chief information security officer, aim to safeguard hospitals from growing threats and keep them operating during an attack.

By Emily Olsen • Nov. 13, 2023

Henry Schein says customer data breached in cyber incident

The company lowered its 2023 sales and earnings forecasts in response to the incident, which took some of its distribution systems offline.

By Elise Reuter • Nov. 13, 2023

Weeks after Boeing attack, ransomware group leaks allegedly stolen files

The company’s data was leaked two weeks after the prolific Russia-affiliated group, LockBit, claimed responsibility for the attack.

By Matt Kapko • Nov. 13, 2023

Dragos again targeted by ransomware group, this time from AlphV

The industrial cybersecurity specialist previously thwarted a shakedown attempt in May and says the current threat has not been substantiated.

By David Jones • Nov. 13, 2023

4 data-driven priorities for security leaders in 2024

According to a new report, security teams are struggling amid relentless cyberattacks and limited resources. What can leaders do to set their teams up for a more stable 2024?

Nov. 13, 2023

Chinese banking giant’s US arm hit by ransomware attack

The hack reportedly disrupted the trading of U.S. Treasuries. The Industrial and Commercial Bank of China Financial Services said it is investigating the attack and progressing recovery efforts.

By Anna Hrushka • Nov. 10, 2023

For Maine, the MOVEit attack is personal

With 1.3 million individuals compromised, the level of exposure on an individual basis is one that's representative of a compromise of its entire population.

By Matt Kapko • Nov. 10, 2023

Mr. Cooper customers’ data exposed by cyberattack

The mortgage servicing provider has yet to determine how many of its 4.3 million customers had data compromised or the extent of potential damage.

By Matt Kapko • Nov. 9, 2023

MGM Resorts anticipates no further disruptions from September cyberattack

The company expects insurance to cover more than $100 million in losses stemming from lost bookings and disruptions at its Las Vegas properties.

By David Jones • Nov. 9, 2023

Ransomware targeting casinos is on the rise, FBI warns

Threat actors have used phishing attacks and exploited vulnerabilities in third-party vendor remote access tools to target the casino gaming industry.

By Matt Kapko • Nov. 9, 2023

Cyberattack hits Singapore’s Marina Bay Sands hotel and casino

The Las Vegas Sands Corp.-owned property said the intrusion exposed the personal data of about 665,000 people.

By Matt Kapko • Nov. 8, 2023

Cyberattack hits Mr. Cooper, blocks millions of mortgage payments

The loan servicing giant shut down systems after it detected the intrusion and set up alternative methods for its 4.3 million customers to make payments.

By Matt Kapko • Nov. 7, 2023

Atlassian Confluence customers confront pair of critical vulnerabilities

Back-to-back vulnerabilities in the enterprise content collaboration and management workspace remain under active attack by threat actors.

By Matt Kapko • Nov. 7, 2023

Countries pledge to not pay ransoms, but experts question impact

There is no mandate to ban governments or businesses from paying ransom demands, but the pledge could be a step toward that outcome.

By Matt Kapko • Nov. 6, 2023

5 Okta customers snared in attack on the provider’s support system

The IAM provider says the attack was most likely linked to a compromised employee’s personal Google account or personal device.

By Matt Kapko • Nov. 3, 2023

Okta employee data breached in third-party healthcare attack

An incident at Rightway Healthcare resulted in a breach of sensitive health information of almost 5,000 Okta employees. It’s the latest in a series of security woes for the IAM provider.

By Matt Kapko • Nov. 2, 2023

Boeing confirms cyberattack, global services disrupted

The aerospace and defense company declined to describe the nature of the attack but said flight safety is not affected.

By Matt Kapko • Nov. 2, 2023

Caesars shakes off cyberattack with strong Q3 Las Vegas demand

The casino operator, however, faces extensive litigation and government inquiries following theft of its customer rewards database.

By David Jones • Nov. 1, 2023

BeyondTrust, Cloudflare averted Okta attacks thanks to security chops

With details scant, worries remain about how the attacks might have played out for less security-focused businesses that were impacted.

By Matt Kapko • Nov. 1, 2023

SEC charges SolarWinds, its CISO with fraud

The company allegedly misled investors regarding its cybersecurity practices and failed to disclose known risks, according to a complaint.

By David Jones • Updated Oct. 31, 2023

Five Guys discloses hack of 2 employees’ emails

The disclosure comes weeks after the company agreed to settle a federal class action suit stemming from a 2022 attack.

By David Jones • Oct. 30, 2023

Boeing assessing ransomware group’s claim of ‘sensitive’ data theft

A prolific Russia-affiliated group threatened to leak data if the aerospace company doesn't make contact by Nov. 2.

By Matt Kapko • Oct. 30, 2023

How to protect sensitive school data during a cyberattack

The CFO of a Texas school district recommends safer ways to request sensitive employee data and stronger password and verification policies.

By Kara Arundel • Oct. 27, 2023

High-profile summer attacks linked to same aggressive ransomware group

Microsoft researchers described Octo Tempest, or Oktapus, as one of the most dangerous financial criminal groups currently in operation.

By Matt Kapko • Oct. 27, 2023

Philadelphia discloses email compromise 5 months after initial detection

An ongoing investigation uncovered a two-month dwell time in the city’s email system that exposed some individuals’ sensitive information.

By Matt Kapko • Oct. 26, 2023