LastPass to Pay Up to $24 Million Following Data Breach Settlement LastPass, a well-known password management service, has reached a settlement agreement valued at up to $24 million in response to a lawsuit arising from a significant data breach. The settlement entails a direct payout of $8.2 million to address…
On December 18, 2025, Australia’s University of Sydney reported a significant cybersecurity breach, revealing that hackers compromised an online coding repository, extracting personal information belonging to thousands of staff, students, alumni, and donors. The university characterized the breached data as ‘historic,’ which has placed one of Australia’s leading academic institutions…
Fraud Management & Cybercrime, Governance & Risk Management, Multi-factor & Risk-based Authentication Practical Steps to Enhance Security and Resilience Sean D. Mack • December 17, 2025 Image: Shutterstock Leaders of small and mid-sized enterprises (SMEs) frequently assert, “We’re too small to be a target.” This misconception endangers their organizations, especially…
Massive Data Breach Exposed at Citrix, Targeting U.S. Government and Corporate Networks In a concerning revelation last weekend, Citrix, a prominent provider of enterprise software that serves the U.S. military, the FBI, and various governmental agencies, announced a significant data breach of its internal network. The intrusion, attributed to “international…
The Ladies’ College has reported a significant cybersecurity incident that occurred on June 24, 2024, when the institution discovered it was unable to access several on-premises servers. Upon investigation, unauthorized access was identified, leading to the encryption of some systems with ransomware. While the majority of the compromised data did…
Cyberattacks against high-profile corporations often dominate headlines, casting shadows over more subtle incidents that may not receive as much attention. However, breaches affecting smaller organizations are increasingly drawing legal scrutiny and regulatory attention. Recent trends indicate that no data breach is too insignificant to evade serious legal repercussions, particularly in…
SonicWall has issued a critical alert regarding active exploitation efforts targeting a zero-day vulnerability in its Secure Mobile Access (SMA) 100 series devices. This vulnerability affects both physical and virtual SMA 100 10.x devices, covering models such as the SMA 200, 210, 400, 410, and 500v. This issue came to…
Microsoft Concludes Investigation into SolarWinds Hack: Key Findings Revealed On Thursday, Microsoft announced the completion of its investigation into the SolarWinds cyberattack. The company confirmed that while the attackers were indeed able to exfiltrate source code from its repositories, there is no evidence that they leveraged this breach to access…
On November 13, 2025, DoorDash Inc. revealed it had suffered a significant data breach resulting from a social engineering attack that occurred the previous month. The breach exposed crucial customer data, including names, email addresses, phone numbers, and delivery addresses, raising concerns about the persistent vulnerabilities inherent to even the…
