DataBreachToday.com

Senate HELP Committee Leaders Ask Insurer: What Went Wrong in the Cyberattack?
A U.S. Senate committee is demanding details from insurance giant Aflac about the company's recent cyberattack that compromised the personal and health information of a yet undisclosed number of Americans. Senators last year gave the same scrutiny to the Change Healthcare mega-breach.

Also: DSLRoot Turns Homes Into Proxies, Cyberattack Disrupts Swedish Towns
This week: TransUnion incident affects 4.5 million, DSLRoot residential proxies, Operation Serengeti 2.0, ZipLine campaign exploits contact forms, a cyberattack disrupts 200 Swedish municipalities, Maryland Transit Administration hit by ransomware, TAG-144 escalated attacks in South America.

US Cyber Defense Agency Deploys Support to Nevada Following Ransomware Incident
The Cybersecurity and Infrastructure Security Agency and FBI are aiding Nevada after a cyberattack disabled state services, exposing how local governments - amid surging ransomware, IT shortfalls and federal funding cuts - are increasingly reliant on strained national cyber defense resources.

Buying Spanish Startup Brings Real-Time Data Pipeline Tech to Boost SOC Efficiency
CrowdStrike announced plans to acquire Spanish startup Onum Technology for $290 million. The move brings advanced data pipeline tools into its Falcon platform, speeding up threat detection and consolidating SOC workflows for customers leaving legacy SIEMs.

Concerns About Enterprise AI Are Opening New Opportunities for Problem-Solvers
Some organizations are hesitant about implementing artificial intelligence tools in their enterprises because of accuracy, security and privacy concerns. That hesitation creates opportunities for professionals who can bridge the gap between technical potential and practical deployment.

Threat actors now use AI for scaling organized retail crime and to make bot detection more difficult. How can defenders use AI to respond? Jackie Deloplaine of RH-ISAC and Derek Dykens of Splunk share insight and optimism on the use of AI to detect and combat ORC.

US and Allies Warn About Persistent and Long Term Access to Network Equipment
The Chinese hackers responsible for breaking into telecom networks across the globe capitalize on already documented vulnerabilities, principally in Cisco routing equipment, warn a slew of national cybersecurity agencies. Hackers use publicly known vulnerabilities with CVE designations.

HHS Shifts 42 CFR Enforcement Duties to Office of Civil Rights Amid Massive Reorg
The U.S. Department of Health and Human Services has put its Office for Civil Rights in charge of investigating and penalizing organizations that breach the confidentiality of substance abuse disorder records. Some fear the agency doesn't have the bandwidth to enforce both HIPAA and 42 CFR Part 2.

Class Action Litigation Accused Mt. Sinai of Sending Patient Info to Facebook
A New York City healthcare system has agreed to pay nearly $5.3 million to settle a proposed class action lawsuit alleging that the hospital's use of online tracking tools in its patient portal and website sent patient information to Facebook without their knowledge or consent for years.

Deal Ends Suit Alleging Microsoft's Message Encryption Tool Violated Virtru Patents
After three years of litigation, Virtru and Microsoft have settled a patent infringement case involving the tech giant’s email encryption product. The suit claimed Microsoft's technology infringed Virtru’s patented identity-driven encryption method for seamless, credential-free data access.

Citrix Publishes Patches After Attackers Exploit Memory Overflow Vulnerability
NetScaler customers of virtualization giant Citrix once again should patch immediately to stymie the hackers exploiting a zero-day. Citrix warned Tuesday that hackers are using a memory overflow vulnerability now tracked as CVE-2025-7775. The vulnerability carries a CVSS score of 9.2.

Just-in-Time, Database, Kubernetes Access Fuel Privileged Access Startup M&A
By acquiring startup Axiom Security, Okta aims to enhance privileged access by offering broader coverage of sensitive assets like Kubernetes containers and databases. The company says the move accelerates value delivery and complements Okta's existing privileged access capabilities.

Department of Government Efficiency Staffers Created 'Live Replica' of SSA Data
The Social Security Administration's chief data officer is warning in a whistleblower complaint that DOGE created a cloud replica of the Social Security database without proper authorization or oversight, potentially exposing the personal data of 300 million Americans.

Pakistan-Linked Threat Actor Targets Indian Linux Operation System
Pakistan-linked hackers are targeting an Indian Linux-based operating system by tricking government employees into clicking malicious files that look like PDFs. When opened, the files install spyware, giving attackers long-term access to sensitive government systems.

Nevada Grappling With Statewide IT Disruption, Forcing Suspension of Services
Nevada officials are investigating a network security breach that forced state offices to suspend services and knocked key systems offline, including websites and phone lines, though emergency services remain active and no data exposure has been confirmed.

ACI Worldwide's Signals Network Intelligence Technology Promises to Fight APP Scams
Real-time payments are set to boost global GDP by $285.8 billion and bring 167 million people into the financial system by 2028. ACI Worldwide says real-time fraud prevention is key to protecting these gains.

Farmers' Breach Affects 1.1 Million; Aflac Is Still Counting Victims
Two major U.S.-based insurers - Farmers Insurance and Aflac Inc. - have each reported to regulators data breaches involving two recent separate cyberattacks. The breaches follow a spring and summer spree of data exfiltration incidents that hit multiple large players in the insurance sector.

Nevada Grappling with Statewide IT Disruption, Forcing Suspension of Services
Nevada officials are investigating a network security breach that forced state offices to suspend services and knocked key systems offline, including websites and phone lines, though emergency services remain active and no data exposure has been confirmed.

One Prompt Was Enough for AI Agent to Buy, Click and Expose Sensitive Data
AI agents that shop and surf the web on behalf of users are suckers for scams, find security researchers who sicced a fake online story, a phishing email and a fake captcha on Perplexity's AI-powered web browser Comet. The AI's logic was not designed to weigh credibility or risk.

Physical Security Firm Eyes Insider Risk, Federal Growth and AI-Powered Automation
Ontic has raised $230 million in Series C funding to expand its connected intelligence platform and pursue new federal and international markets. The Austin, Texas-based company will invest in AI, integrations and data to strengthen cyber-physical threat detection and automation.