Age-verification mandates will increase the number of data breaches, such as the recent incident involving dating safety app Tea (see 2507280017), ACT | The App Association said in a blog post Friday.
Operational technology (OT) owners should create an asset inventory to maintain cybersecurity across all critical infrastructure sectors, U.S. agencies said Wednesday in joint guidance issued with officials in Australia, Canada, Germany, the Netherlands and New Zealand.
Columbia University began sending notification letters Thursday to those whose personal information was impacted during a May cyberattack, according to the university and several state attorneys general who reported the breach. An unauthorized third party, which stole the data, accessed the system in May, though the school discovered the breach as a result of a June 24 tech outage that disrupted IT systems (see 2507030020).
The several lawsuits following the July data breach of women-only app Tea expose gaps in data governance and data protection guardrails that may be present within the entire app ecosystem, said Mary Bennett and Rob Robinson of privacy vendor HaystackID in a Friday blog post. First reported on July 25, the breach of Tea leaked 72,000 images, including 13,000 selfies with identifying information (see 2507280017). The app is intended to increase safety for online daters.
Federal courts are working with agencies and Congress to better secure sensitive court documents after a series of "recent" cybersecurity attacks on the judiciary's filing system, the Administrative Office of the United States Courts said in a statement Thursday.
Google Threat Intelligence Group confirmed that hackers accessed the contact information of some customers when one of its Salesforce databases was breached in June.
United Health Group has shown a “repeated pattern” of failing to secure cyber systems after acquiring companies, Sens. Bill Cassidy, R-La., and Maggie Hassan, D-N.H., said in a letter to the company Monday.
With federal agencies deemphasizing rulemaking and enforcement, “states are advancing more prescriptive cybersecurity standards for financial institutions, including many that align with the approach and standards set by the New York Department of Financial Services (NYDFS),” the Cooley law firm blogged Wednesday.
Security company Palo Alto Networks announced Wednesday an agreement to buy Israeli identity security provider CyberArk for $25 billion in cash and stock. Palo Alto Chairman and CEO Nikesh Arora said on CNBC’s Squawk on the Street that the deal will strengthen his company's ability to prevent AI-based identity theft, noting that about 88% of ransomware attacks are driven by credential theft, and “identity is an unsolved problem.” Palo Alto viewed CyberArk as the “strongest player” in the space, he said.
A women-only app intended to enhance safety for online dating users has disabled its direct messaging (DM) feature after learning that some messages were accessed during a data breach that occurred July 25 (see 2507280017). Earlier this month, the Tea app suffered a breach that leaked 72,000 images, including 13,000 selfies with identifying information.