A significant security breach has compromised the password management platform LastPass, originating from a lapse in software maintenance by one of its engineers. This incident underscores the critical risks associated with neglecting timely software updates. In a disclosure made last week, LastPass provided insights into how attackers leveraged information obtained…
Data Breach Notification, Data Security, Healthcare Regulators Investigate Potential Delay in Notification of Breach Affecting 462,000 Insurance Members Marianne Kolbasuk McGee (HealthInfoSec) • October 23, 2025 Montana state officials are probing a data breach at Blue Cross Blue Shield of Montana linked to a vendor. (Image: BCBSMT) Montana state regulators…
Toys ‘R’ Us Canada Customer Information Leaked Online In a significant cybersecurity incident, customer information from Toys ‘R’ Us Canada has reportedly been exposed online. The breach raises critical concerns regarding the safety of sensitive consumer data in an era where digital transactions are commonplace. The leaked information, which may…
Apple Addresses Zero-Day Vulnerabilities in Major Security Update In a swift response to emerging threats, Apple has deployed critical security updates across its operating systems, including iOS, iPadOS, macOS, visionOS, and Safari. These updates are aimed at mitigating two zero-day vulnerabilities that have reportedly been exploited by malicious actors in…
On Wednesday, the U.S. Commerce Department announced the addition of four companies, including two Israeli spyware firms—NSO Group and Candiru—to its list of foreign entities implicated in “malicious cyber activities.” This designation follows findings that both companies provided spyware to foreign governments, which in turn have targeted officials, journalists, business…
A significant outage affecting Amazon Web Services (AWS) commenced early Monday morning, severely disrupting various sectors including communication, finance, healthcare, education, and government platforms globally. The incident, originating from AWS’s critical US-EAST-1 region in northern Virginia, highlighted the internet’s intricate and delicate interdependencies. The outage began around 3 am ET…
In a significant law enforcement operation, a 21-year-old man from New York has been arrested for allegedly operating the notorious hacking forum BreachForums under the alias “Pompompurin.” The arrest, reported first by Bloomberg Law, follows intensive investigations by federal authorities at a residence in Peekskill, where evidence was confiscated. According…
Cybercrime, Fraud Management & Cybercrime, Incident & Breach Response Envoy Air Confirms Data Compromise Following Clop Extortion Campaign Anviksha More (AnvikshaMore) • October 23, 2025 Image: Shutterstock/ISMG Every week, Information Security Media Group compiles notable cybersecurity incidents from around the globe. Highlights include Qilin’s unfounded claims against a Spanish tax…
Prosper Marketplace Suffers Major Data Breach Affecting 17.6 Million Users In a major incident reflecting one of the year’s largest fintech breaches, Prosper Marketplace, the San Francisco-based peer-to-peer lending platform, has confirmed a significant data compromise impacting approximately 17.6 million individuals. Recent disclosures, initially reported by TechRadar and Tom’s Guide,…
