DataBreachToday.com

Draft Guidelines Call for Longer, Randomized Passwords Instead of Memorized Phrases
The National Institute of Standards and Technology is calling for longer, randomized passwords instead of memorized phrases containing combinations of upper and lowercase letters in new guidance that aims to modernize current password practices across the public and private sectors.

Featurespace's AI Expertise Will Enhance Visa's Fraud, Risk and Payments Technology
Visa has signed a definitive agreement to acquire AI-driven fraud prevention leader Featurespace. This acquisition will reinforce Visa's fraud detection capabilities, integrating advanced machine learning technology to strengthen financial crime prevention and protect global transactions.

Survey Finds 37% of Providers Take Over a Month to Recover From Ransomware
Ransomware attacks are declining across many sectors - but not in healthcare, where an ongoing surge is reaching a four-year high in incidents, according to new research from security firm Sophos, which surveyed 5,000 IT leaders across 15 sectors and 14 countries between January and February.

OpenAI Seeks to Become a For-Profit Company
Wednesday brought more turmoil in the top ranks of OpenAI after three executives in leadership positions quit the company at a time when the AI giant seeks to convert itself into a for-profit entity. The new structure may affect how the company prioritizes and addresses AI risks.

How Curiosity and Gamification Drive Cybersecurity Excellence
Curiosity is one of the most important traits for success in cybersecurity. Professionals in this field regularly face complex problems that require an inquisitive mind, and gamified, hands-on learning is one of the best ways to develop an inquisitive mindset.

How to Safeguard Critical Infrastructure
Neglecting network security can lead to serious consequences for organizations. Here are the essential practices for managing network security, along with real-world examples that reinforce the importance of comprehensive protection. The time to secure your network is now - before it's too late.

Meta, Apple, Mistral, Nvidia Not Among AI Pact's Signatories
More than 100 tech companies including OpenAI, Microsoft and Amazon on Wednesday made voluntary commitments to conduct trustworthy and safe development of artificial intelligence in the European Union, with a few notable exceptions, including Meta, Apple, Nvidia and Mistral.

New Estimate Is 3 Times Higher Than Number Agency Initially Publicly Disclosed
The U.S. Centers for Medicare and Medicaid Services has updated the scope of the MOVEit hacking breach last year, telling a sister agency that the software supply chain attack affected more than 3.1 million individuals - about three times the number of victims disclosed publicly earlier this month.

New Guidance Aims to Improve School Responses to ‘Scourge’ of Anonymous Threats
The Cybersecurity and Infrastructure Security Agency unveiled a new toolkit Wednesday aimed at improving school responses to anonymous threats of violence, as the agency kicked off a two-day summit focusing on school security amid increasing threats targeting school systems nationwide.

Clumio Adds Advanced Cyber Resilience, AWS Data Recovery to Commvault's Platform
Commvault aims to boost its AWS cyber resilience capabilities through the buy of Clumio. With a focus on protecting critical data stored in Amazon S3, this move will boost Commvault’s recovery efforts for hybrid cloud customers, offering near-instant data recovery and better application protection.

How to Navigate the New Challenges and Opportunities
AI has enabled supply chains to become more proactive and predictive. Through machine learning algorithms, natural language processing and advanced analytics, organizations can now forecast demand with greater accuracy, anticipate potential disruptions and optimize inventory management in real time.

Millions of Customers Will Also Be Offered Monitoring of Genetic Data on Dark Web
Genetics testing firm 23andMe will offer cash payments to millions of individuals whose sensitive data was compromised in a 2023 credential stuffing incident. Under the proposed $30 million lawsuit settlement, affected customers will also be offered dark web monitoring of their genetic data.

Herjavec of 'Shark Tank' Steps Down After 21 Years in Charge, Remains Board Member
"Shark Tank" TV star and company founder Robert Herjavec is stepping down as CEO of Cyderes, making way for Simeio CEO Chris Schueler to assume the role Oct. 1. Schueler has a strong background in identity management, and Herjavec will remain involved as an investor and board member.

No Disruption to Service; Manual Operations Implemented
FBI and U.S. Department of Homeland Security officials are in Arkansas City, Kansas, to investigate a cyberattack at the city's water treatment facility. "There has been no disruption to service. Out of caution, the Water Treatment Facility has switched to manual operations," said the city manager.

Spy Agency Says Taiwanese Defense Ministry Is Trying to Disrupt Chinese Politics
China's Ministry of State Security has accused a Taiwanese government agency of waging cyberattacks on the mainland's digital assets across multiple organizations and running disinformation campaigns on social media to disrupt the political system and sow social discord.

Lehigh Valley Health Network Will Pay 134,000 Victims of Ransomware Attack and Leak
A Pennsylvania-based healthcare system that was hacked by ransomware group BlackCat in 2023 and extorted over stolen exam photos of breast cancer patients posted to a data leak site has agreed to pay $65 million under a proposed settlement of a lawsuit affecting 134,000 patients and employees.

Attackers Could Shut Down Operations Or Cause Physical Damage
A severe vulnerability in Rockwell Automation software used to configure programmable logic controllers could allow attackers to remotely execute malicious code. The vulnerability is rated 8.8 on the CVSS v4 scale. The U.S. Cybersecurity and Infrastructure Security Agency advised immediate patching.