Stir Friday Recap - Security News From March 2019
Here’s a look back on the top cybersecurity stories from the month of March that were featured in our Stir Friday email newsletter. If you want to get more timely access to these stories, be sure to subscribe to receive our Friday emails with all the key stories from the week.
CYBERSECURITY STORIES FROM THE PAST MONTH
A hacker using the identity ‘Gnosticplayers’ has topped one of the largest data breaches ever by offering for sale 26 million records stolen from another six online companies. This new sale is the fourth round of records from this hacker, totaling 863 million records from 38 sites.
According to one report, there are other companies that were victims, but the data did not get released because the companies paid a ransom. That could be the prime motive in this series of attacks. Regardless of motive, whoever is behind this wave of attacks is certainly amassing a large collection of data.
North Korea’s cybercrime capabilities have given the country the ability to flaunt international sanctions by allowing the regime to steal millions in currency, not only from banks but from cryptocurrency exchanges.
These attacks, which have been reported before, include breaches of exchanges and banks via the SWIFT network.
NASA’s Office of the Inspector General (OIG) has once again concluded the American space agency’s tech security practices are “not consistently implemented.” The OIG criticized the agency’s staff for untimely performance of information security control assessments and their ability to protect the confidentiality, integrity, and availability of its data, systems, and networks.
OIG reports are both instructive and frustrating. The faults various OIG offices find are sometimes informative, but at the same time the agencies on the receiving end of many OIG reports get no additional resources to fix whatever problems the OIG offices find.
A 2017 data breach at Sonic restaurants caused financial institutions to lose revenue, a new lawsuit claims.
This is not new. When a commercial company has a data compromise involving credit cards, that often leads to fraudulent charges on those credit cards. Because card owners can’t be liable for more than $50 USD, the card issuing bank has to absorb the remainder of the fraud, as well as possible other costs.
SUBSCRIBE FOR MORE INSIGHTS AND DETAILS
If you’d like to receive the full breakdown and commentary on the biggest cybersecurity stories in the news, subscribe to the Stir Friday newsletter, delivered straight to your mailbox.