Legal Fallout Mounts with Class Action Lawsuit Filed Over Oracle Data Breach
Description
On March 21, 2025, a security research team identified a threat actor who claimed to possess millions of data lines tied to over 140,000 Oracle Cloud tenants. The breach took place in January of 2025 and was facilitated through a Java vulnerability that allowed the attacker to deploy malware targeting Oracle’s Identity Manager database. The attacker was then able to exfiltrate authentication information including usernames, (more…)
NY AG’s Lawsuit A Wake-Up Call for Insurance Companies
Description
The New York Attorney filed a lawsuit against multiple insurance companies that allegedly failed to protect the personal information of New York drivers from being compromised in cyberattacks. The timeline of the events involving the breach incidents is as follows:
- August 2020 – The first attack against the National General insurance company
- October 2020 – A second attack takes place
- November 2020 – The (more…)
Class Action Lawsuits Emerge Following Large Job Applicant Data Breach
Description
DISA Global Solutions provides comprehensive background checks and drug testing services that help employers maintain workplace safety, ensure regulatory compliance, and manage risk through pre-employment screening programs and ongoing workforce monitoring solutions. On April 22, 2024, DISA detected a cyber incident within its network. They launched an immediate probe that determined that an unauthorized actor had gained access between February 9, 2024, and April 22, (more…)
Cybersecurity and Parking Apps – ParkMobile Settlement Offers $32 Million to Affected Users
Description
The use of parking apps has grown substantially in recent years. Parking apps also intake a great deal of personal information from drivers that use it. This makes them potential targets. March 5, 2025 was the final data to submit a claim for a share of the $32.8 million settlement involving the data breach of ParkMobile in March of 2025. ParkMobile is one of (more…)
Navigating Cyber Risk Management Options in the Modern Era
Every business inherently faces some degree of risk. It is, ironically, an essential component of success. Establishing a digital presence offers numerous opportunities but also introduces significant risks. While it would be ideal for best-of-breed cybersecurity tools to halt all cyberattacks, such an expectation is currently unrealistic. The objective then is to implement cyber (more…)
Third-Party Crashers: Recent Data Breaches Targeting Vendors and Service Providers
Thank goodness we have partners, suppliers, contractors, and third-party service providers to keep our businesses operating smoothly. But let’s make sure that your security postures are aligned – your partners serve as an extension of your business and it is your duty to ensure they are secure and in compliance with your standards as well as (more…)
A Summary of DBIR 2020 – Where the Data Breach World is Today and How to Prepare for IT
The annual 2020 Data Breach Investigations Report (DBIR) was recently released and we would like to summarize some of the key trends found in the report. The Report takes a granular look at threat actors (bad guys) and the tactics they used to carry out the breaches and security incidents of the last year. (more…)
CMMC 101: The Basics of Cybersecurity Maturity Model Certification
WHAT IS CMMC? CMMC which stands for ‘Cybersecurity Maturity Model Certification’ is the upcoming required standard for all contractors and suppliers that work with the Department of Defense (DoD). (more…)
