Data breaches
Coverage of Data breaches in the Nexus archive.
- The Big Four’s problems Down Under
Elite consulting firms, referred to as the Big Four, are accused of data breaches by the Australian government.
- Fine firms for data breaches, Hong Kong cybersecurity experts urge
Cybersecurity experts in Hong Kong urge authorities to fine firms for data breaches following a malicious encryption incident involving over 1 million people linked to Shun Hing Group, a leading appliance distributor. The Privacy Commissioner for Personal Data announced an investigation into the breach reported on March 23.
- Booking a summer trip? Here's what you're giving scammers
Travelers who book trips online risk exposing personal details like passport information and trip itineraries to scammers. Stolen data can be used to create convincing scams, such as fake payment alerts or 'grandchild stranded' emergencies. Breaches often occur through weak links in travel companies' partner chains, not the companies themselves.
- Experts offer tips to secure data after Mirror star Stanley Yau loses phone
Hong Kong Mirror member Stanley Yau lost his iPhone, which later appeared at a market in Shenzhen, prompting online discussions. Information technology experts highlighted challenges in retrieving devices from mainland China and provided advice to prevent data breaches.
- Data doctors: Tips for neutralizing dark web risks
The article discusses risks of personal information being on the dark web due to data breaches and advises solutions like using unique passwords, multifactor authentication (MFA), credit freezes, and securing phone lines to prevent identity theft. It emphasizes that while exposure is common, proactive measures can mitigate harm from automated password attacks and SIM-swapping.
- Every employee’s password was stored in a single Excel file
A CEO of a 2,000-employee facility services company stored all employee usernames and passwords in an Excel file on his desktop, refusing multi-factor authentication (MFA) despite prior ransomware incidents and data breaches. The company later suffered two data breaches involving sensitive client data.
- 1k Data Breaches Later, the Disclosure Lag Is Worse
The article discusses how the disclosure lag for data breaches has worsened despite reaching 1,000 breaches. It references Troy Hunt's analysis on the increasing delay in reporting breaches.
- Former cyber executive turned whistleblower accuses IBM of covering up several data breaches
A former cybersecurity executive accuses IBM of failing to disclose and covering up data breaches at IBM and two subsidiary companies during the mid-2010s. The allegations are detailed in a lawsuit filed by the executive.
- The form asked my permission to share my health data. Then it wouldn’t let me say no.
Patients are often forced to sign healthcare privacy forms without understanding the terms, making it difficult to opt out of data sharing. Electronic systems complicate refusal, and risks include data misuse, breaches, and sensitive information exposure, such as abortion records crossing state lines or domestic abusers accessing pediatric records.
- Your Biggest Vulnerability is your Shitty Compensation
The article argues that inadequate compensation is the most significant vulnerability for organizations, as underpaid employees may be more susceptible to external threats or exploitation. It highlights how poor pay can lead to employee dissatisfaction, increasing risks like data breaches or insider threats.
- Fake Windows update installs hidden malware
A fake Windows update scam uses a typosquatted domain to mimic official Microsoft branding, tricking users into downloading malware that steals passwords, payment details, and account access. The malware employs legitimate tools and layered attack techniques to evade detection, persisting on systems by blending with normal processes and modifying apps like Discord.
- It Takes 2 Minutes to Hack the EU’s New Age-Verification App
A security researcher demonstrated a two-minute hack of the EU's new age-verification app, exposing vulnerabilities. Additional reports highlight data breaches at a gym chain and hotel giant, a DDoS attack on Bluesky, and questionable hiring practices at ICE.
- FBI: Americans lost a record $21 billion to cybercrime last year
The FBI reported that U.S. victims lost a record $21 billion to cyber-enabled crimes last year. The primary sources of loss include investment scams, business email compromise, tech support fraud, and data breaches.