Researchers reported last week that hackers are now exploiting Google's Analytics service to stealthily pilfer credit card information from infected e-commerce sites.
A threat actor is selling databases that contain user records for 14 different organizations he claimed were hacked in 2020, only for four of them (HomeChef, Minted, Tokopedia, and Zoosk) were previously reported data breaches.
The personal information of almost 400,000 UK-based BMW customers is being sold to the highest bidder on an online black market, according to Tel Aviv-based darknet intelligence experts KELA.
Corporate victims are finally starting to realize that ransomware attacks are data breaches and have begun to notify employees and clients about stolen data.
A Data Risk and Security report released by the security software company Netwrix has revealed that companies are failing to follow GDPR and security best practices.
EU law enforcement officials join US critics in lobbying for law enforcement exception in GDPR. Should the EU decide to grant access to private data because of 'law enforcement requirements' from either EU or US then our privacy is (ALMOST) gone!
A flood of attacks is targeting unsecured MongoDB servers and wiping their databases. Left behind are notes demanding a ransom payment, or the data will be leaked, and the owners reported for GDPR violations.
The two-year dispute over US law enforcement interests and EU’s privacy laws could erupt in mid-July as the Court of Justice of the European Union (CJEU) decide if EU-US data transfers are legal.
The Evil Corp gang hacked into dozens of US newspaper websites owned by the same company to infect the employees of over 30 major US private firms using fake software update alerts displayed by the malicious SocGholish JavaScript-based framework.
vpnMentor’s research team, led by renowned analysts Noam Rotem and Ran Locar, recently discovered an incredibly sensitive data breach originating from the domestic violence prevention app Aspire News App.
Hackers use a new attack method that bypasses both Microsoft 365 default security (EOP) and advanced security (ATP). The attack campaign specifically crafted to bypass Microsoft 365 uses a malicious .slk attachment.
Belgian DPA fines controller for sending a direct marketing message to the wrong person and for not responding adequately to the subsequent request for access.
Personal data of an estimated 100,000 social media influencers has been accessed and partially leaked following a breach at social media marketing firm Preen.Me.
