American Medical Collection Agency (AMCA) Data Breach : Why It Happened & What Can You Learn? (24 Million Customers Affected)

An estimated 24 million customers were affected by this third-party breach. The data breach experienced by American Medical Collection Agency (AMCA), a third-party bill-collection vendor for health institutions, affected 17 health institutions, including the United States’ biggest lab testing companies, Quest and LabCorp. The affected institutes include Quest Diagnostics (12 million), Laboratory Corporation Of […]

Cable One Data Breach : Why It Happened & What Can You Learn?

On 16 August 2019, Cable One Inc. said that a data breach earlier this year could have affected the personal information of some current and former employees, and could also have reached some of those employees’ family members. Although Cable One (NYSE: CABO) said it is not aware of any misuse of information as a […]

Steps To Build An Enterprise Third-Party Risk Management Program

Breaches related to vendor or enterprise third-party risk are at an all-time high. Several high-profile breaches, such as Uber, Amazon, British Airways and more, have been caused by third parties. Most of the major security-related frameworks, guidelines, compliance and regulations have made third-party risk management a mandatory part of the overall security program. The following are the key steps for building an effective third-party risk management (vendor risk management) program.

Capital One Hacked : Why It Happened & What Can You Learn?

The Capital One data breach affected over 106 million people, 140,000 Social Security numbers, 80,000 bank account numbers, 1,000,000 Social Insurance Numbers … The breach had taken place about 4 months back; however, it took some time before the breach was realised. In fact, it took an external tip for Capital One to realise something had happened. The […]

Marriott Hacked : Why It Happened & What Can You Learn?

Why It Happened? Marriott faces a fine of $124 million proposed by UK regulators under the EU’s new privacy rules. The breach persisted for 4 years: it dated back to 2014 but was not discovered until November 2018. Marriott said the long-running breach exposed such information as names, email addresses, phone numbers, […]

British Airways Hacked : Why It Happened & What Can You Learn?

The Information Commissioner’s Office has proposed a $230m fine as a penalty for British Airways for the data breach that is believed to have affected thousands of its customers between April and June 2018. The breach was disclosed in September. Why It Happened? This attack involved user traffic from British Airways […]

NASA Hacked : Why It Happened & What Can You Learn?

(NASA Hacked) On 21 June 2019, major news channels disclosed a major hack on NASA. Hackers were able to gain unauthorized access using a Raspberry Pi, stole ‘Mars Mission Data’ and breached ‘NASA’s satellite dish network’. This happened around April 2018 and went unnoticed for almost a year. It is advisable to do an […]

Shocking Results From Hidden Internet – Exposed Database, Leaked Passwords, Code Leaks & more

In the recent past there have been some major breaches, such as American Express, Uber, Dropbox, Dunkin Donuts, British Airways and many more, and some of the key reasons responsible for these breaches were Shadow IT, leaked credentials and 3rd-party/vendor risks. This research was in line with this: to continuously monitor the web (surface, deep, dark) to understand the leaked credentials, […]

Free 3rd Party Information Security Assessment Guideline

This free document is the 3rd Party Information Security Assessment Guideline (courtesy of Cybersecurity Malaysia). Cybersecurity Malaysia has produced this great document with authors Nor’azuwa Muhamad Pahri and Noor Aida Idris. The Third Party Information Assessment Guideline includes: Pre-Assessment Roles & Responsibilities for Organisations; Develop Assessment Requirements; Plan and Allocate Resources; Evaluate 3rd Party Assessor […]