Many security leaders rely on a cost-per-record metric to calculate the costs of a security incident. The latest research from Cyentia Institute using Advisen data shows estimates based on that metric are frequently inaccurate.
Maze ransomware, which infected Pensacola, Florida, exfiltrates the data to a remote server before encrypting the local copies in order to force victims to pay the ransom. The group threatens to publicly release the files if the victims don't pay.
A data breach disclosed in August by Imperva came from an AWS API key stolen from a compromised internal compute instance in 2017.
Security firm Imperva says that API keys and SSL certificates for some of its Cloud WAF customers were exposed in a data breach.
The Georgia Supreme Court is being asked to decide whether data breach victims have to wait for actual fraud or theft to happen before they can sue to recover the costs spent protecting themselves after a data breach.