Digital Privacy Watch

Vulnerability exploitation now leads initial access in breaches for the first time in 19 years, overtaking stolen credentials.

• Healthcare under...

Ransomware groups are pivoting to signing services and pure data extortion, targeting schools and organizations while highlighting urgent needs for...

A security flaw on TrumpMobile.com exposed customer details including emails and addresses, with warnings ignored until made public.

• Sales claims...

BWH Hotels confirmed a major breach exposing sensitive customer information across its Best Western, WorldHotels and SureStay brands. This latest...

Ransomware, AI-enabled campaigns, and nation-state actors are actively targeting critical infrastructure and the defense industrial base, with federal...

Managed EDR delivers real-time endpoint detection and response capabilities that directly counter ransomware threats. A single compromised workstation...

A malicious Visual Studio Code extension compromised a GitHub employee's device, allowing attackers to steal data from roughly 3,800 internal...

Major Data Breaches

• 🔥 NYC Health Breach: NYC Health and Hospitals reports unauthorized access via a third-party vendor exposing medical...

Hackers stole medical records, SSNs, insurance data, and fingerprints from 1.8 million patients, creating direct privacy threats for everyday...

• Vulnerability exploitation has overtaken credential abuse as the leading initial access vector, putting unpatched personal apps and devices directly...

Cybersecurity investments in healthcare are at an all-time high, but the structure of those investments may be limiting their effectiveness in protecting patient data. This suggests simply increasing spending isn't enough to close security gaps.

Recent extortion targeting the Canvas learning platform forced schools into maintenance mode while Taiwan rail systems revealed weak communications...

Incogni automates opt-outs from data brokers, delivering noticeable reductions in exposed personal info for everyday users over time.

• Proven...

Supply chain attacks are directly targeting developers through malicious npm packages and GitHub Actions compromises, spreading malware like Mini...

Attackers never touched Element-Data's servers directly, instead exploiting a workflow vulnerability that quietly threatened the open-source stack...

Texas's new privacy law hands residents direct control over their personal data while imposing clear obligations on affected businesses.

• Consumer...

The Synnovis ransomware attack in the United Kingdom disrupted pathology services across South-East London, reducing test-processing capacity and...

AI is rapidly escalating threats to critical infrastructure, with direct risks to healthcare privacy and essential services.

• EU Parliament Warning:...

A hotel check-in platform used in Japan left over 1 million passport, driver's license, and facial scan records publicly accessible online for...

Exposed RDP remains one of the most reliable attacker entry points, with most teams unaware that it's open.