Category data-breaches

Is Your Medical Device Secure? Ensure Proper Contract Language

Endpoint Security, Governance & Risk Management, Healthcare HSCC’s Updated Model Contract Aims for Shared Cyber Risk Among Providers and Device Manufacturers Marianne Kolbasuk McGee (HealthInfoSec) • November 21, 2025 The HSCC’s revised model contract for medical device cybersecurity is designed to aid healthcare entities and manufacturers in negotiating shared risks…

Read MoreIs Your Medical Device Secure? Ensure Proper Contract Language

Harvard Cyberattack: Data Breach Exposes Records of Alumni, Donors, Students, and Faculty—The Full Story, Affected Individuals, and Harvard’s Response

Harvard Cyberattack: Data Breach Exposes Sensitive Records A recent cyberattack at Harvard University has compromised the personal records of alumni, donors, students, and faculty members, following a sophisticated phone-based phishing scheme. The breach has raised extensive concerns regarding the university’s cybersecurity measures, as it is reported to have accessed critical…

Read More

Harvard Cyberattack: Data Breach Exposes Records of Alumni, Donors, Students, and Faculty—The Full Story, Affected Individuals, and Harvard’s Response

250 Million Microsoft Customer Support Records Leaked Online

Microsoft Confirms Data Breach Exposing Customer Support Records Microsoft has recently disclosed a significant security breach that may have put nearly 250 million customer support records at risk. This exposure stems from a misconfigured server, which allowed sensitive logs of interactions between Microsoft’s support team and customers to be publicly…

Read More250 Million Microsoft Customer Support Records Leaked Online

SEC Halts SolarWinds Lawsuit Following Significant Legal Challenges

Litigation, Standards, Regulations & Compliance Major Legal Proceedings Conclude as Judge Dismisses SEC’s Cyber Fraud Claims Against SolarWinds Chris Riotta (@chrisriotta) • November 21, 2025 Image: AevanStock/Shutterstock In a significant legal development, the U.S. Securities and Exchange Commission (SEC) has dropped its remaining allegations against SolarWinds and its Chief Information…

Read MoreSEC Halts SolarWinds Lawsuit Following Significant Legal Challenges

Google Reports Over 200 Companies Affected by Data Breach Linked to Gainsight

Gainsight is recognized as a provider of customer support platforms. Summary of Events Google has recently reported a significant supply chain breach that has compromised data stored by Salesforce across more than 200 businesses. The incident was initially revealed by Salesforce on Thursday, noting that “specific customers’ Salesforce data” was…

Read MoreGoogle Reports Over 200 Companies Affected by Data Breach Linked to Gainsight

Wawa Data Breach: 30 Million Stolen Payment Card Details Available for Sale by Hackers

In a significant security incident affecting millions, Wawa convenience stores have confirmed a breach involving the payment card information of more than 30 million customers. This breach became evident when payment card details were discovered for sale on Joker’s Stash, a prominent dark web marketplace known for trading stolen financial…

Read MoreWawa Data Breach: 30 Million Stolen Payment Card Details Available for Sale by Hackers

Hardware Hackers Encourage Vendor Collaboration for Enhanced Security

Endpoint Security, Hardware / Chip-level Security Experts Highlight Advantages of Bug Bounties and Researcher Engagement Mathew J. Schwartz (@euroinfosec) • November 21, 2025 Image: Shutterstock While hardware once stood as a cornerstone of trustworthy systems, ongoing concerns over compromised supply chains and security vulnerabilities have significantly diminished that trust. As…

Read MoreHardware Hackers Encourage Vendor Collaboration for Enhanced Security

CrowdStrike Terminates Employee Following Suspected Data Breach Tied to Cybercriminal Organization

CrowdStrike, a leading player in the cybersecurity sector, recently terminated the employment of an insider alleged to have leaked confidential information. The action was taken after a cybercriminal group claimed to have accessed CrowdStrike’s internal systems. This breach occurred amid rising concerns over insider threats within the cybersecurity landscape. On…

Read MoreCrowdStrike Terminates Employee Following Suspected Data Breach Tied to Cybercriminal Organization

U.S. Accuses Four Chinese Military Hackers in Equifax Data Breach Case

The United States Department of Justice has officially charged four members of the Chinese military for their alleged role in the significant Equifax data breach, resulting in the exposure of sensitive personal and financial information of nearly 150 million Americans. In a press conference spearheaded by Attorney General William Barr…

Read MoreU.S. Accuses Four Chinese Military Hackers in Equifax Data Breach Case