Governance & Risk Management, Healthcare, Industry Specific Settlement Approved in Class Action Linked to Former Employee’s Data Breach Marianne Kolbasuk McGee (HealthInfoSec) • November 20, 2025 A federal court has granted preliminary approval for a $5 million settlement in a breach lawsuit involving a former Nuance employee and Geisinger Health.…
— In the wake of the recent Gainsight incident, Chief Information Security Officers (CISOs) and security teams are urged to take immediate action to safeguard their organizations against potential vulnerabilities in their Software as a Service (SaaS) environments. Cybersecurity expert, Larsen, emphasized the importance of viewing this incident as a…
Massive Data Exposure Affects Over 200 Million US Citizens In a significant breach of security, more than 200 million records containing sensitive information about US residents were left unprotected in an unsecured online database. The database, hosted on Google Cloud, required no password or authentication for access, making it vulnerable…
Government, Industry Specific European Cybersecurity Agency Takes on Role in CVE Program Akshaya Asokan (asokan_akshaya) • November 20, 2025 Image: ENISA/Shutterstock/ISMG The European Union Agency for Cybersecurity (ENISA) is set to enhance its role in overseeing vulnerability announcements throughout the EU. This development follows ENISA’s recognition as a…
The incident involved applications published by Gainsight that connect to Salesforce. Incident Overview Salesforce is currently investigating a data breach that has potentially compromised customer information through applications developed by Gainsight, a notable provider of customer relationship management tools. In a statement, Salesforce indicated that the breach involved “Gainsight-published applications…
In a significant incident reported recently, Virgin Media, a UK-based telecommunications provider, announced a data leak that has compromised the personal information of approximately 900,000 customers. This revelation coincided with similar news from US-based telecom giant T-Mobile, which also disclosed a security breach involving its own data. Contrary to the…
3rd Party Risk Management, Cybercrime, Fraud Management & Cybercrime Salesforce Revokes Gainsight Authentication Tokens Akshaya Asokan (asokan_akshaya) • November 20, 2025 Image: The Bold Bureau/Shutterstock Salesforce, a leading customer relationship management platform based in the United States, has informed customers of potential data theft by hackers exploiting vulnerabilities in a…
On Thursday, the Securities and Exchange Commission (SEC) announced the dismissal of its case against SolarWinds and its Chief Information Security Officer, Tim Brown, in relation to the company’s response to a significant Russian cyberespionage campaign that was revealed in 2020. This incident affected at least nine federal agencies and…
Online guitar education platform TrueFire has reportedly experienced a significant data breach involving a “Magecart” style attack. This incident raises concerns over the potential exposure of sensitive customer information, including personal and payment card details. TrueFire, a leading online resource for guitar enthusiasts with over one million registered users, grants…
