LinkedIn News

Health Insurance

Media & Entertainment

Customer Success

Biotech & Health

Education Technology

Human Resources

Telecommunications

Music Streaming

Entrepreneurship

Cloud Computing

Web Development

Renewable Energy

Renewable Power

Consumer Technology

Agriculture Tech

Machine Learning

Software Development

Environmental Health

Mergers and Acquisitions

Business Development

Government & Policy

Electric Vehicles

Federal Judge Blocks DOGE's Access to SSA Personal Data

Federal Judge Blocks DOGE's Access to SSA Personal Data

A federal judge has ruled against Elon Musk's Department of Government Efficiency (DOGE), blocking its access to personal data at the Social Security Administration (SSA). U.S. District Judge Ellen Hollander accused DOGE of conducting a 'fishing expedition' without proper justification. The ruling emphasized potential violations of federal privacy laws and raised cybersecurity concerns. Initially granted access, DOGE had staff members able to view sensitive information, including Social Security numbers and medical records. The ruling aims to protect the privacy of millions of Americans.

Created at: March 20, 2025 9:30pm

North Korea Establishes New AI Hacking Unit to Enhance Cyber Capabilities

North Korea Establishes New AI Hacking Unit to Enhance Cyber Capabilities

North Korea's intelligence agency, the Reconnaissance General Bureau (RGB), is reportedly forming a new hacking unit named Research Center 227, aimed at developing offensive AI-based hacking technologies. According to Daily NK, this unit will focus on researching Western cybersecurity systems and enhancing the regime's capability to steal digital assets. The initiative comes amid a backdrop of North Korean hackers targeting global crypto exchanges, including a significant $1.4 billion theft from Bybit. U.S. authorities have previously linked the RGB to various hacking and espionage activities.

Created at: March 20, 2025 8:30pm

Hackers Exploit Year-Old ServiceNow Vulnerabilities Targeting Unpatched Systems

Hackers Exploit Year-Old ServiceNow Vulnerabilities Targeting Unpatched Systems

Security researchers have raised alarms about a surge in cyberattacks exploiting three year-old vulnerabilities in ServiceNow. According to GreyNoise, these vulnerabilities, disclosed in May 2024 and patched in July 2024, have seen renewed activity, particularly against systems in Israel. The flaws can potentially allow attackers to gain full database access to sensitive employee information hosted on ServiceNow. While ServiceNow claims no customer impact has been observed, past threats have targeted various sectors, including private companies and government agencies. The resurgence highlights ongoing cybersecurity vulnerabilities in widely used platforms.

Created at: March 20, 2025 4:30pm

Data Breach Exposes Nearly 2 Million Users in SpyX Spyware Incident

Data Breach Exposes Nearly 2 Million Users in SpyX Spyware Incident

A significant data breach involving the stalkerware SpyX has compromised the private information of almost 2 million users, including thousands of Apple customers. This breach, which dates back to June 2024, was only recently disclosed. The data, provided to security expert Troy Hunt, includes nearly 1.97 million unique account records with email addresses. This incident marks the 25th known data breach in the consumer-grade spyware sector since 2017. The operators of SpyX did not respond to inquiries regarding the breach, raising concerns about the ongoing risks to affected individuals.

Created at: March 19, 2025 11:00pm

Stalkerware Breach Exposes Data of Nearly 2 Million Victims

Stalkerware Breach Exposes Data of Nearly 2 Million Victims

A recent breach at SpyX, a stalkerware app provider, has compromised the sensitive data of almost two million victims. This incident adds to a troubling trend, as at least 25 stalkerware companies have suffered similar breaches since 2017. Security experts highlight that these apps, often marketed for monitoring partners, pose significant ethical and legal risks. Despite increasing awareness, the stalkerware industry remains vulnerable, with hackers targeting companies that fail to secure sensitive data. Experts urge consumers to avoid these applications due to their inherent risks and the potential for real-world harm.

Created at: March 19, 2025 11:00pm

Dataminr Secures $85 Million to Propel Growth Amid Market Challenges

Dataminr Secures $85 Million to Propel Growth Amid Market Challenges

Dataminr, a leading data analytics firm, has announced an $85 million funding round to enhance its growth strategy despite recent layoffs affecting 20% of its workforce. The investment, led by security-focused VC NightDragon and HSBC, will support expansion into international markets and the development of new products. Dataminr, which serves notable clients like NATO and OpenAI, is approaching $200 million in annual recurring revenue. The company has previously raised a total of $1.1 billion in venture capital and debt, yet faces scrutiny over its surveillance practices.

Created at: March 19, 2025 5:30pm

Major Data Breach: Hackers Compromise Personal Information of Over 500,000 US Teachers

Major Data Breach: Hackers Compromise Personal Information of Over 500,000 US Teachers

The Pennsylvania State Education Association (PSEA) has reported a significant cyberattack that compromised the sensitive personal data of more than 517,000 members. The stolen information includes government-issued IDs, Social Security numbers, medical details, and financial data. PSEA, the largest educator union in Pennsylvania, disclosed the breach in a filing with Maine's attorney general. They indicated that measures were taken to ensure the integrity of the data post-attack, suggesting involvement in a ransomware situation. The union has not responded to media inquiries regarding the incident.

Created at: March 19, 2025 4:00pm

Hunted Labs Secures $3M Seed Investment for Open Source Cybersecurity

Hunted Labs Secures $3M Seed Investment for Open Source Cybersecurity

Hunted Labs, an open source cybersecurity startup, has secured a $3 million seed investment from Red Cell Partners, led by former NSA deputy director George Barnes. This investment marks Barnes's first venture capital effort after his tenure at the NSA. Hunted Labs aims to address concerns over the origins of open source software contributions, an issue highlighted by past security breaches. The startup has already landed contracts, including a $1.79 million deal with the Space Development Agency. Founded by Hayden Smith and his team, Hunted Labs focuses on software threat management amidst a competitive landscape.

Created at: March 19, 2025 3:30pm

Countries Identified as Potential Customers of Paragon Spyware

Countries Identified as Potential Customers of Paragon Spyware

A recent report by Citizen Lab reveals that several governments, including Australia, Canada, Cyprus, Denmark, Israel, and Singapore, are likely customers of Israeli spyware firm Paragon Solutions. The report identifies these countries as potential users of Paragon's Graphite spyware. Following a scandal involving WhatsApp notifications to targeted users, Paragon's executives maintain that they only work with democratic states. Citizen Lab also disclosed that evidence suggests specific law enforcement agencies, such as Ontario Provincial Police, are using Paragon's technology. The report underscores the complexities of commercial spyware deployment and detection.

Created at: March 19, 2025 12:30pm

FBI Alerts Users: Free File Converters May Harbor Malware

FBI Alerts Users: Free File Converters May Harbor Malware

The FBI has issued a warning about the hidden dangers of free online file converters, suggesting that these seemingly harmless tools may actually contain malware. While users often rely on them for file format conversions, the FBI indicates that some converters can compromise sensitive data, such as social security numbers and banking information. This malware can lead to identity theft and financial fraud, with ransomware being a significant threat. To protect against these risks, users are advised to only utilize trusted sources, maintain updated security software, and refrain from engaging with unknown links. Immediate action is recommended if malware is suspected.

Created at: March 19, 2025 6:00am

CISA Faces Legal Fallout Over Unlawful Layoffs of 130 Employees

CISA Faces Legal Fallout Over Unlawful Layoffs of 130 Employees

The Cybersecurity and Infrastructure Security Agency (CISA) is urgently reaching out to over 130 former employees after a federal court ruled their layoffs under the Trump administration were unlawful. U.S. District Judge James Bredar mandated the reinstatement of these probationary employees, who were dismissed in February. CISA lacks contact information for many affected individuals and has requested they submit their details through a secure process. Rehired employees will receive full pay and benefits while on administrative leave. The agency is under pressure amid ongoing workforce cuts.

Created at: March 18, 2025 4:00pm

Google Acquires Wiz for $32B to Enhance Cloud Security

Google Acquires Wiz for $32B to Enhance Cloud Security

In a historic move, Google, under its parent company Alphabet, is set to acquire cloud security startup Wiz for $32 billion. The acquisition aims to strengthen Google's position in the enterprise cloud market and enhance its security offerings. Although the deal is reportedly finalized, it still awaits regulatory approval. This acquisition follows a previous attempt last year at a $23 billion valuation, which failed due to antitrust concerns. Wiz has shown significant growth, achieving $500 million in annual recurring revenue and is on track to double that. Both companies have yet to confirm the deal officially.

Created at: March 18, 2025 12:00pm

Google Resumes Talks to Acquire Cybersecurity Startup Wiz at $30 Billion Valuation

Google Resumes Talks to Acquire Cybersecurity Startup Wiz at $30 Billion Valuation

Google's parent company, Alphabet, is in advanced discussions to acquire Wiz, a cloud cybersecurity startup, for around $30 billion. This follows a previous attempt last summer to finalize a deal at a $23 billion valuation that fell through. Wiz's annual recurring revenue is projected to reach $1 billion by 2025, making it an attractive target for Google Cloud. Regulatory challenges and integration disagreements previously stalled negotiations. As M&A activity increases, this deal reflects a changing landscape under new regulatory leadership.

Created at: March 17, 2025 11:30pm

Texas Developer Convicted for Sabotaging Employer's Network with 'Kill Switch'

Texas Developer Convicted for Sabotaging Employer's Network with 'Kill Switch'

Davis Lu, a Texas software developer, has been convicted by a federal jury for causing intentional damage to his former employer's network, potentially facing up to ten years in prison. Lu reportedly created a 'kill switch' that locked out employees from the company's systems upon his departure in September 2019, after a restructuring reduced his role. This act led to significant disruptions affecting thousands of employees and resulted in substantial financial losses for the company. Sentencing is scheduled for June 23, 2025.

Created at: March 17, 2025 6:01pm

Hackers Target Fortinet Firewalls to Deploy Ransomware

Hackers Target Fortinet Firewalls to Deploy Ransomware

Security researchers report that hackers associated with the LockBit gang are exploiting vulnerabilities in Fortinet firewalls to deploy a new ransomware strain named 'SuperBlack'. The vulnerabilities, identified as CVE-2024-55591 and CVE-2025-24472, have been actively exploited since December 2024, despite patches being released in January. The attackers have been observed selectively encrypting sensitive data after exfiltration. Analysts suggest that these attacks target organizations that failed to implement necessary security measures. The connection to LockBit indicates a possible collaboration or shared tactics among cybercriminals.

Created at: March 17, 2025 4:00pm

DOGE Staffer Violates Treasury Protocol by Sending Unencrypted Data

DOGE Staffer Violates Treasury Protocol by Sending Unencrypted Data

A staff member from the Department of Government Efficiency (DOGE) has been accused of violating Treasury policies by emailing unencrypted personal information, as revealed in a federal lawsuit. The staffer, Marko Elez, shared sensitive data with Trump administration officials before resigning after controversial social media posts surfaced. Treasury's chief security officer testified that a forensic analysis uncovered the breach. The lawsuit aims to prevent DOGE from accessing sensitive financial data. Elez has since been rehired at the Social Security Administration.

Created at: March 17, 2025 3:30pm

UK's Ofcom Targets File-Sharing Services to Combat CSAM

UK's Ofcom Targets File-Sharing Services to Combat CSAM

The UK's internet regulator, Ofcom, has initiated an enforcement program under the Online Safety Act to address illegal content on storage and file-sharing services. This comes after evidence indicated these platforms are prone to misuse for sharing child sexual abuse material (CSAM). Ofcom has contacted several services, warning them of upcoming formal requests for information regarding their safety measures. Non-compliance could lead to penalties of up to 10% of global annual turnover. The initiative aims to enhance online safety and hold companies accountable for content management.

Created at: March 17, 2025 10:30am

FBI Issues Urgent Warning on Medusa Ransomware Threat

FBI Issues Urgent Warning on Medusa Ransomware Threat

The FBI has raised alarms over the rapidly escalating Medusa ransomware, which has targeted numerous sectors, particularly healthcare. Critical industries like education, technology, and manufacturing are also at risk as hundreds of victims have reported attacks. The ransomware operates through a double extortion model, threatening to publish stolen data if ransoms are not paid. Organizations are urged to enhance their security measures, including VPNs, multi-factor authentication, and regular system updates. A comprehensive data recovery plan is essential to mitigate potential damage from such cyber threats.

Created at: March 17, 2025 6:00am

AT&T Whistleblower Mark Klein, Key Figure in NSA Spying Revelations, Passes Away

AT&T Whistleblower Mark Klein, Key Figure in NSA Spying Revelations, Passes Away

Mark Klein, the former AT&T technician who unveiled the NSA's secret surveillance operations, has died at the age of 79. In 2006, he disclosed that the NSA was tapping into internet traffic through a covert facility in San Francisco, confirming government access to data of millions of Americans. His revelations came in the wake of the post-9/11 surveillance expansion. Klein's disclosures prompted significant public discourse on privacy and governmental overreach, influencing future whistleblower cases, including Edward Snowden's in 2013. The Electronic Frontier Foundation confirmed his passing.

Created at: March 14, 2025 7:00pm

LockBit Ransomware Developer Extradited to the U.S. from Israel

LockBit Ransomware Developer Extradited to the U.S. from Israel

Rostislav Panev, a dual Russian-Israeli national, has been extradited to the United States after being arrested in Israel. He is accused of being a key developer for the LockBit ransomware gang, which has been active since 2019. The U.S. Department of Justice claims Panev helped design the gang’s malware and managed its operations while sharing in the criminal profits. This extradition marks a significant step in the ongoing battle against cybercrime. U.S. Attorney John Giordano emphasized the commitment to pursuing ransomware conspirators globally.

Created at: March 14, 2025 2:30pm

US Lawmakers Demand Public Hearing on Apple’s Alleged UK Backdoor Order

US Lawmakers Demand Public Hearing on Apple’s Alleged UK Backdoor Order

A bipartisan group of U.S. lawmakers has urged the U.K. Investigatory Powers Tribunal to hold an open hearing regarding Apple’s challenge to a secret legal demand from the U.K. government. Senator Ron Wyden and four others argue that the alleged order restricts Apple's constitutionally protected speech and hinders congressional oversight. Reports indicate that the U.K. government ordered Apple to create a backdoor for accessing cloud data, which Apple has resisted. Civil rights groups are also advocating for transparency in this matter as the tribunal prepares for a private hearing.

Created at: March 14, 2025 1:00pm

UK's Secret iCloud Backdoor Order Sparks Civil Rights Challenge

UK's Secret iCloud Backdoor Order Sparks Civil Rights Challenge

A secret order from the U.K. government compelling Apple to create a backdoor for its encrypted iCloud service has been met with legal challenges from civil rights groups Liberty and Privacy International. They argue the order is 'unacceptable and disproportionate', potentially affecting global users. The groups, represented by law firm Leigh Day, aim to join their complaints with Apple's ongoing legal challenge to the order. They emphasize the necessity of end-to-end encryption for privacy protection and request a public hearing for the case. The Investigatory Powers Tribunal is set to hear Apple's appeal today.

Created at: March 14, 2025 11:00am

Apple's Lockdown Mode: A Security Asset with Confusing Notifications

Apple's Lockdown Mode: A Security Asset with Confusing Notifications

Apple's Lockdown Mode, launched in 2022, is hailed for its robust security features, particularly among journalists and human rights defenders. Designed to thwart sophisticated hacking attempts, it disables various device functionalities, raising concerns over its notifications. Users report frequent, perplexing alerts claiming blocked contacts, often without context, leading to confusion about their effectiveness. Despite its protective measures, the lack of clarity surrounding these messages may deter some users. Experts urge Apple to improve communication regarding Lockdown Mode's notifications for better user understanding.

Created at: March 14, 2025 9:02am

Amazon Faces Scrutiny for Hosting Stalkerware Data After Breach Alert

Amazon Faces Scrutiny for Hosting Stalkerware Data After Breach Alert

Amazon is under fire for continuing to host data from stalkerware apps Cocospy, Spyic, and Spyzie, even after being alerted weeks ago by TechCrunch. These apps have exposed private data from approximately 3.1 million individuals, many unaware of their compromised phones. Despite multiple notifications about specific storage locations, Amazon stated it is following its process but has not confirmed any action. Critics argue Amazon must enforce its own policies against such misuse of its cloud services. The storage buckets remain active, raising significant privacy concerns.

Created at: March 14, 2025 9:01am

Trump Administration's Abrupt Dismissal of Cybersecurity Board Sparks Outrage

Trump Administration's Abrupt Dismissal of Cybersecurity Board Sparks Outrage

In a controversial move, the Trump administration has terminated members of the Cyber Security Review Board (CSRB) just a day after the inauguration. The decision, described as 'horribly shortsighted' by an anonymous source, raises concerns over national security amidst ongoing cyber threats, particularly from China. Critics argue that dismantling the CSRB, which provided crucial insights into cybersecurity breaches, undermines U.S. defenses. Former CSRB member Katie Moussouris emphasized the need for qualified advisors, irrespective of political affiliations. The action also affects other advisory committees within the Department of Homeland Security.

Created at: January 22, 2025 5:00pm

Conduent Confirms Cybersecurity Incident Caused Service Disruption

Conduent Confirms Cybersecurity Incident Caused Service Disruption

Conduent, a U.S. government contractor, has acknowledged that a recent outage affecting support services was due to a cybersecurity incident. The disruption left many residents without access to crucial support payments. While the company confirmed the incident, details regarding any potential data breaches remain unclear. Conduent's spokesperson stated that the situation has been contained and all systems are now operational. The company emphasizes its commitment to maintaining system integrity and functionality for its clients. Further information about the incident has not been disclosed.

Created at: January 22, 2025 4:00pm

Massive Data Breach Hits PowerSchool, Affecting Millions of Students

Massive Data Breach Hits PowerSchool, Affecting Millions of Students

PowerSchool, a leading U.S. edtech firm, confirmed a significant data breach impacting its school information system, affecting 60 million students across 18,000 schools. The breach was discovered on December 28, 2024, when hackers accessed sensitive data through a compromised customer support portal. Although PowerSchool has acknowledged the breach, critical details about the scale and involved schools remain undisclosed. Reports suggest that personal information, including Social Security numbers and grades, may have been stolen. The company has faced scrutiny for its lack of transparency and failure to provide a clear incident report.

Created at: January 22, 2025 2:30pm

Conduent Faces Ongoing Outages Amid Cyberattack Speculations

Conduent Faces Ongoing Outages Amid Cyberattack Speculations

Government contractor Conduent is experiencing significant service interruptions affecting multiple U.S. states, leading to access issues for residents relying on benefits and support payments. A source indicated that the outages may be linked to a cyberattack, although Conduent has not confirmed this. The company's spokesperson confirmed efforts to resolve the situation, which has impacted services including child support payments in Wisconsin. Previous incidents, such as a ransomware attack in 2020, raise concerns about potential security vulnerabilities. As investigations continue, affected states are working to restore normal operations.

Created at: January 21, 2025 8:30pm

Toronto School District's 40-Year Data Breach Exposes Student Information

Toronto School District's 40-Year Data Breach Exposes Student Information

The Toronto District School Board (TDSB) revealed that hackers accessed around 40 years of student data in a significant breach involving PowerSchool. The incident affects all students enrolled from September 1985 to December 2024, compromising personal details such as names, addresses, and birth dates. Additionally, data from 2017 included contact information for parents and guardians. TDSB stated that PowerSchool has received confirmation from the hackers that the stolen data was deleted, though further details from PowerSchool remain undisclosed.

Created at: January 21, 2025 3:00pm

HPE Investigates Data Breach After Hacker Claims Theft of Sensitive Information

HPE Investigates Data Breach After Hacker Claims Theft of Sensitive Information

Hewlett-Packard Enterprise (HPE) is currently investigating a significant data breach following claims by a hacker using the alias 'IntelBroker.' The hacker alleges to have stolen sensitive data, including product source code and access keys to HPE services. HPE spokesperson Laura von Pentz confirmed the company activated its cyber response protocols upon learning of the claims. Notably, there is no evidence that customer information has been compromised. This incident follows a previous breach involving a Russia-linked hacking group that affected HPE's email systems.

Created at: January 21, 2025 11:30am

Failed Startups' Employees Face Rising Data Theft Risks

Failed Startups' Employees Face Rising Data Theft Risks

A recent security study reveals that employees of failed startups are increasingly vulnerable to data theft, particularly through old Google logins. Researcher Dylan Ayrey highlighted that hackers can exploit defunct domains to access sensitive information, including Social Security numbers. Ayrey demonstrated this vulnerability by purchasing a failed startup's domain, successfully logging into multiple cloud services. Despite Google implementing security measures, flaws in OAuth configurations may still expose former employees. Ayrey estimates tens of thousands may be at risk, urging better shutdown practices for startups.

Created at: January 19, 2025 4:00pm

US Army Soldier Arrested in AT&T and Verizon Data Breach Case

US Army Soldier Arrested in AT&T and Verizon Data Breach Case

Cameron John Wagenius, a U.S. Army communications specialist, was arrested for his involvement in the theft of confidential phone records from AT&T and Verizon. Prosecutors have linked his charges to a larger case involving hackers who breached cloud computing company Snowflake, compromising data of numerous customers. The breaches affected over 160 companies, leading to the theft of sensitive personal and financial information. Wagenius allegedly threatened to leak high-profile call logs unless one of the hackers was released. He is currently detained in Washington state pending further legal proceedings.

Created at: January 18, 2025 3:30pm

PowerSchool Data Breach Sparks Community Collaboration Among Affected Schools

PowerSchool Data Breach Sparks Community Collaboration Among Affected Schools

In a significant data breach disclosed by PowerSchool on January 7, hackers accessed sensitive information from over 18,000 K-12 schools worldwide. Education professionals, like Romy Backus from the American School of Dubai, quickly began collaborating to investigate the extent of the breach due to insufficient information from PowerSchool. Affected administrators shared findings and created resources, including a how-to guide detailing compromised data and investigative steps. This grassroots effort highlights the critical need for better communication and support within the education sector during cybersecurity incidents.

Created at: January 18, 2025 12:00pm

Supreme Court Upholds TikTok Ban Amid Rising Cybersecurity Concerns

Supreme Court Upholds TikTok Ban Amid Rising Cybersecurity Concerns

In a significant ruling, the Supreme Court has upheld the ban on TikTok, citing national security risks linked to data privacy and foreign influence. The decision comes as the U.S. government intensifies efforts to combat cyber threats, particularly from China. This ruling follows a series of sanctions against Chinese hacking groups, underlining the administration's commitment to safeguarding American digital infrastructure. TikTok, facing increased scrutiny, is now exploring alternatives to address these concerns. The ban has sparked widespread debate on the balance between security and digital freedom.

Created at: January 17, 2025 5:30pm

Russian Hackers Target WhatsApp Accounts of Government Officials

Russian Hackers Target WhatsApp Accounts of Government Officials

Researchers have linked the Russian hacking group Star Blizzard to recent phishing attacks aimed at government ministers and diplomats worldwide. Utilizing fake email invitations containing malicious QR codes, the hackers gained unauthorized access to victims' WhatsApp accounts. This new technique, referred to as 'quishing,' represents a shift in cyber threats and underscores the need for vigilance among targeted sectors. Microsoft and WhatsApp have issued warnings, advising users to verify emails and avoid clicking on suspicious links. The UK's National Cyber Security Centre has connected Star Blizzard to Russia's Federal Security Service.

Created at: January 17, 2025 2:30pm

Clop Ransomware Gang Claims Mass-Hack of Cleo Software Victims

Clop Ransomware Gang Claims Mass-Hack of Cleo Software Victims

The Clop ransomware gang has identified 59 organizations it allegedly breached using a vulnerability in Cleo's file transfer software. The gang threatened to release stolen data on January 18 unless their ransom demands are met. Cleo's products, including LexiCom, VLTransfer, and Harmony, were targeted after a flaw was disclosed in October 2024. Some companies, including Covestro, confirmed unauthorized access but disputed the extent of the breaches. Others, like Hertz and Linfox, denied any impacts from the attacks. The situation remains fluid as more victims may be revealed soon.

Created at: January 16, 2025 2:30pm

UN Security Council Addresses Urgent Need for Spyware Regulations

UN Security Council Addresses Urgent Need for Spyware Regulations

During a historic meeting, the United Nations Security Council discussed the proliferation of commercial spyware, marking the first time this issue has been formally addressed. The meeting aimed to highlight the threats posed by such software to international peace and security, with the U.S. and 15 other nations advocating for regulatory measures. While some countries supported action, Russia and China dismissed concerns, pointing to broader cyber threats. Experts warned that Europe has become a hub for these spyware companies, further complicating the landscape of cybersecurity and human rights.

Created at: January 15, 2025 10:30pm

Massive PowerSchool Data Breach Exposes Historical Student and Teacher Records

Massive PowerSchool Data Breach Exposes Historical Student and Teacher Records

A recent cyberattack on PowerSchool has led to the theft of extensive historical data of students and teachers from multiple U.S. school districts. Hackers gained access to personal information, including names, addresses, and Social Security numbers, after compromising PowerSchool's customer support portal. The breach affects over 50 million students, with reports indicating that even former customers may be impacted. PowerSchool has acknowledged the incident but has not disclosed the number of affected districts or specific security measures in place. The scale of the breach raises serious concerns about data protection in educational technology.

Created at: January 15, 2025 3:00pm

UnitedHealth’s Change Healthcare Concealed Major Data Breach for Months

UnitedHealth’s Change Healthcare Concealed Major Data Breach for Months

Change Healthcare, a subsidiary of UnitedHealth, recently reported that it had completed notifying individuals affected by a significant data breach involving over 100 million medical records. The February 2024 ransomware attack caused widespread disruptions in the U.S. healthcare system. Despite the breach's magnitude, Change Healthcare's notification efforts were criticized for their delay, only commencing four months after the attack. Furthermore, the company employed 'noindex' code on its breach notice web page, limiting its visibility on search engines. Legal actions have been initiated by several states in response to the breach’s handling.

Created at: January 15, 2025 2:01pm

Hackers Target Fortinet Firewalls Exploiting Critical Vulnerability

Hackers Target Fortinet Firewalls Exploiting Critical Vulnerability

Security researchers have identified that hackers are exploiting a critical vulnerability, tracked as CVE-2024-55591, in Fortinet's FortiGate firewalls to infiltrate corporate networks. Fortinet confirmed the ongoing exploitation in an advisory, revealing that patches were released after the issue was already being exploited as a zero-day since December. Cybersecurity firm Arctic Wolf reported a significant number of intrusions linked to this vulnerability. While the exact number of affected customers remains unclear, Fortinet has urged users to update devices promptly to mitigate risks. Ransomware operators may be behind these attacks, raising alarms within the cybersecurity community.

Created at: January 14, 2025 9:30pm