Optus Mobile has been penalized $826,320 following an investigation by the Australian Communications and Media Authority (ACMA), which uncovered 44 violations of anti-scam regulations. These breaches permitted scammers to commandeer customer mobile numbers and gain access to their bank accounts. The infractions took place in September and October of 2024…
Joomla Faces Data Breach Affecting 2,700 Users Joomla, a leading open-source content management system (CMS), recently reported a significant data breach impacting approximately 2,700 users of its Resources Directory (JRD) website, resources.joomla.org. The breach compromises personal user data, including full names, business addresses, email addresses, phone numbers, and encrypted passwords.…
Data Privacy, Data Security, Healthcare Sensitive Data of Nearly 470,000 Patients and Employees Potentially Exposed on Dark Web Marianne Kolbasuk McGee (HealthInfoSec) • November 18, 2025 Omni Family Health, a nonprofit operating approximately 40 community health centers in California, has reached a $6.5 million settlement over a 2024 cyber incident…
Privacy Commissioner Raises Concerns Following Alberta Student Data Breach In a recent development alarming to many in the cybersecurity community, the Privacy Commissioner has issued a statement regarding serious findings from an investigation into a data breach involving student information in Alberta. This breach highlights not only the vulnerabilities inherent…
Indian Government Addresses Security Flaw in Digilocker Service The Indian Government has confirmed the resolution of a significant vulnerability within its secure document wallet service, Digilocker. This flaw potentially allowed unauthorized remote access, enabling attackers to bypass mobile one-time passwords (OTPs) and gain unauthorized sign-in access to other users’ accounts.…
Governance & Risk Management, Operational Technology (OT) Trellix Warns of Rising Threats to PLCs from Cyber Attackers Greg Sirico • November 18, 2025 Image: Shutterstock Cybersecurity firm Trellix has issued a stark warning regarding the increasing vulnerability of programmable logic controllers (PLCs) within operational technology environments. Their report highlights a…
Discovery Practice Management Settles Lawsuit Over 2020 Data Breach In a significant development for the cybersecurity landscape, Discovery Practice Management has reached a settlement regarding a data breach that occurred in 2020. This incident has raised concerns among business owners about the vulnerabilities inherent in the handling of sensitive patient…
Access Management, Data Privacy, Data Security NIH Working on Fixes to Address National Security Risks and Weak Access Controls Marianne Kolbasuk McGee (HealthInfoSec) • November 17, 2025 A federal watchdog agency identified security vulnerabilities that could permit unauthorized access to genomics data collected under the NIH’s All of Us research…
In a recent incident, Checkout.com, a payment processing service, faced a data breach attributed to the hacking group known as ShinyHunters, which exploited vulnerabilities in a legacy third-party cloud storage system. This breach reportedly affected less than 25% of the company’s current merchant base, as stated by Mariano Albera, the…
