US fines Equifax $700m over 2017 breach
Global settlement with US authorities follows systems breach that saw more than 140 million customer records stolen.
Financial and credit services firm Equifax has agreed to pay at least $575m, and potentially up to $700m (£614.4m) in a global settlement with the US Federal Trade Commission (FTC), the Consumer Financial Protection Bureau (CFPB) and 50 US states and territories, after its failure to secure its network saw more than 140 million customer records stolen in September 2017.
The breach of Equifax’s systems was the result of an unpatched website vulnerability that enabled the perpetrators to compromise records including dates of birth, social security numbers, home addresses, and other personal information.Read more
Facebook to pay record $5bn to settle privacy concerns
Facebook will pay a record $5bn fine to settle privacy concerns, the US Federal Trade Commission (FTC) has said.
The social network must also establish an independent privacy committee that Facebook’s chief executive Mark Zuckerberg will not have control over.
The FTC had been probing allegations political consultancy Cambridge Analytica improperly obtained the data of up to 87 million Facebook users.
The probe then widened to include other issues such as facial recognition.
The $5bn fine is believed to be the biggest ever imposed on any company for violating consumers’ privacy.Read more
NSA aims to up its cybersecurity game
It’s setting up a Cybersecurity Directorate to help it work better with the likes of Homeland Security and the FBI.
The US National Security Agency (NSA) is forming a Cybersecurity Directorate to “reinvigorate [its] white hat mission.” The cyberdefense arm will launch on Oct. 1.
Anne Neuberger — current NSA senior advisor to the director — will lead the Cybersecurity Directorate, the NSA said Tuesday. Neuberger previously served as NSA assistant deputy director of operations, chief risk officer and head of the NSA/USCybercom Election Security Small Group, which worked against foreign involvement during the 2018 US midterm elections.Read more
Lancaster University Confirms Data Breach, Applicants Targeted
Lancaster University has confirmed that it was “subject to a sophisticated and malicious phishing attack” which resulted in breaches of student and applicant data.
This has led to undergraduate student applicant data records for 2019 and 2020 being accessed, including names, addresses, telephone numbers and email addresses. Lancaster confirmed in its statement that it was “aware that fraudulent invoices” were being sent to some undergraduate applicants and has warned applicants to be aware of any suspicious approaches.
Also breached was Lancaster’s student records system. “At the present time we know of a very small number of students who have had their record and ID documents accessed,” it confirmed.Read more
Your business hit by a data breach? Expect a bill of $3.92 million
Large enterprises may have to foot a far higher bill after a security incident.
The average financial impact of a data breach continues to rise and now can cost the average business up to $3.92 million, according to new research.
Data breaches have become such a common occurrence that hardly a week goes by when a business, organisation, government department, bank, or educational establishment does not admit to the existence of one in their networks or systems.Read more
Global malware down but ransomware up, with UK hard hit
Despite a global decrease in the volume of malware in the past year, ransomware is surging once again, and the UK is one of the worst-hit countries, a report reveals.
The first half of 2019 has seen a resurgence of ransomware, with the UK the worst-hit region, according to the latest threat report from security firm SonicWall.
Despite a 59% decline in ransomware in the UK in 2018, ransomware is up 195% in the first six months of 2019 compared with the same period a year ago, says the report, which is based on data from over a million security sensors in more than 200 countries.Read more