<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
     xmlns:content="http://purl.org/rss/1.0/modules/content/"
     xmlns:dc="https://purl.org/dc/elements/1.1/"
     xmlns:dcterms="http://purl.org/dc/terms/"
     xmlns:media="http://search.yahoo.com/mrss/"
     xmlns:atom="http://www.w3.org/2005/Atom"
>
    <channel>
                    <atom:link href="https://www.nexttv.com/feeds/tag/data-breaches" rel="self" type="application/rss+xml" />
                            <title><![CDATA[ Latest from Next TV in Data-breaches ]]></title>
                <link>https://www.nexttv.com/tag/data-breaches</link>
        <description><![CDATA[ All the latest data-breaches content from the Next TV team ]]></description>
                                    <lastBuildDate>Mon, 20 May 2019 12:00:00 +0000</lastBuildDate>
                            <language>en</language>
                                <item>
                                                            <title><![CDATA[ Cyberthreats to ‘Organizations Like Yours’ ]]></title>
                                                                                                                                                                                                <link>https://www.nexttv.com/news/cyberthreats-to-organizations-like-yours</link>
                                                                            <description>
                            <![CDATA[ Cyberthreats to ‘Organizations Like Yours’ ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">hS6TsSyJUQLSnsDPvhQzPU</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/Hvnw5usr4vrHxuJW868DVn-1280-80.png" type="image/png" length="0"></enclosure>
                                                                        <pubDate>Mon, 20 May 2019 12:00:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Policy]]></category>
                                                                                                <author><![CDATA[ john.eggerton@futurenet.com (John Eggerton) ]]></author>                    <dc:creator><![CDATA[ John Eggerton ]]></dc:creator>                                                                                    <dc:source><![CDATA[ http://cdn.mos.cms.futurecdn.net/ETjt8sjZcQr97v7yakQ4hP.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/png" url="https://cdn.mos.cms.futurecdn.net/Hvnw5usr4vrHxuJW868DVn-1280-80.png">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/Hvnw5usr4vrHxuJW868DVn-1280-80.png" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Various Errors (42%), web application attacks (29%) and cyberespionage (13%) top the list of data breach causes for organizations — public and private — that deal with “the creation, transmission and storing of information,” including of TV shows and movies.</p><p>That’s according to Verizon Communications’s 2<em>019 Data Breach Investigations Report</em> a review of data from 41,686 security incidents* and 2,013 data breaches** from 73 different sources. The goal, the report said, was to provide perspectives on threats “organizations like yours face.”</p><p>Verizon’s review found that a third of those threats (actually 34%) were internal, including misuse by authorized users and errors.</p><p>In the interests of better cyber-hygiene — have you scrubbed behind your virtual ears? — The Wire presents some of Verizon’s key takeaways:</p><p><strong>1. Aiming for the top.</strong> C-suite execs are being increasingly targeted, with incidents rising from single digits in the previous report to dozens in the latest.<br/><strong>2. Threatening cloud.</strong> As companies transfer data to the cloud, stolen credentials are the method of choice for hacking those remote email servers.<br/><strong>3. Sorry, right number.</strong> Web-based payment card number theft is on its way to exceeding those from physical terminals, which may be a case of chip-and-pin card technology better protecting physical transactions.<br/><strong>4. Your money or your online life.</strong> Ransomware accounts for about a quarter of all malware-related incidents.<br/><strong>5. HR breathes easier.</strong> Attacks on human resources personnel have decreased, correlating with the virtual disappearance (pun intended) of W-2 tax form scams from the survey.<br/><strong>6. Not-so-smartphones.</strong> Mobile users are more susceptible to click on test phishing e-mails, in part because of the user interface.</p><p><em>* Incident: A security event that compromises the integrity, confidentiality or availability of an information asset.</em></p><p><em>** Breach: An incident that results in the confirmed disclosure — not just potential exposure — of data to an unauthorized party.</em></p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ GOP Sens. Say they Still Need Basics on Yahoo! Breaches ]]></title>
                                                                                                                                                                                                <link>https://www.nexttv.com/news/gop-sens-say-they-still-need-basics-yahoo-breaches-410841</link>
                                                                            <description>
                            <![CDATA[ GOP Sens. Say they Still Need Basics on Yahoo! Breaches ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">iFxSy5wUwVTxAaP3MpRxdX</guid>
                                                                                                                            <pubDate>Fri, 10 Feb 2017 20:33:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Policy]]></category>
                                                                                                <author><![CDATA[ john.eggerton@futurenet.com (John Eggerton) ]]></author>                    <dc:creator><![CDATA[ John Eggerton ]]></dc:creator>                                                                                    <dc:source><![CDATA[ http://cdn.mos.cms.futurecdn.net/ETjt8sjZcQr97v7yakQ4hP.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                                        <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Some powerful Senate Republicans are not happy with Yahoo!'s answer, or they suggest lack of them, about data breaches.</p><p>Sens. John Thune (R-S.D.), chairman of the Senate Commerce Committee, and Jerry Moran (R-Kan.), chairman of the Consumer Protection, Product Safety, Insurance and Data Security Subcommittee, have written Yahoo! CEO Marissa Mayer saying they want to know what Yahoo! has done to identify and mitigate any consumer harm.</p><p>In December, Yahoo! announced it had "data security issues" involving over one billion, with a b, accounts related to a 2013 hack, which they pointed out in the letter was distinct from a 2014 hack, which itself has affected a half billion users, which had been thought to be the largest hack, but apparently not.</p><p>“Despite several inquiries by Committee staff seeking information about the security of Yahoo! user accounts, company officials have thus far been unable to provide answers to many basic questions about the reported breaches,” they wrote.</p><p>They are also not happy with the cancellation, which they called last-minute, of a planned meeting between Yahoo! and congressional staffers that had been planned for Jan. 31.</p><p>They said they were concerned about "the company’s willingness to deal with Congress with complete candor about these recent events," and were looking to Mayer to assuage those concerns.</p><p>They gave Mayer until Feb. 23 to answer the following:</p><p><br/>1."With respect to both the 2013 and 2014 incidents, how many users do these incidents affect? Please describe Yahoo!’s efforts to identify and provide notice to these users.<br/><br/>2."With respect to the aforementioned incidents, what type of data does Yahoo! believe to have been compromised? Does the data include sensitive personal information?<br/><br/>3."What steps has Yahoo! taken to identify and mitigate potential consumer harm associated with these incidents?<br/><br/>4."What steps has Yahoo! taken to restore the integrity and enhance the security of its systems in the wake of these incidents?<br/><br/>5."In addition to answering these questions, please provide a detailed timeline of these incidents, including Yahoo!’s initial discovery of a potential compromise of its user information, forensic investigation and subsequent security efforts, notifications to law enforcement agencies, as well as any notification to affected consumers."</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Cox Investigates Possible Employee-Data Breach ]]></title>
                                                                                                                                                                                                <link>https://www.nexttv.com/news/cox-investigates-possible-employee-data-breach-403158</link>
                                                                            <description>
                            <![CDATA[ Cox Investigates Possible Employee-Data Breach ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">vLgjW8GsdV51YJGZ3z3EMf</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/LVMUJZWdXuvUYEyMHUtQSE-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 08 Mar 2016 19:15:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cox Communications]]></category>
                                                    <category><![CDATA[privacy]]></category>
                                                    <category><![CDATA[dark web]]></category>
                                                    <category><![CDATA[data breaches]]></category>
                                                                                                                    <dc:creator><![CDATA[ MCN Staff ]]></dc:creator>                                                                                                        <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/LVMUJZWdXuvUYEyMHUtQSE-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/LVMUJZWdXuvUYEyMHUtQSE-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="LVMUJZWdXuvUYEyMHUtQSE" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/LVMUJZWdXuvUYEyMHUtQSE.jpg" mos="https://cdn.mos.cms.futurecdn.net/LVMUJZWdXuvUYEyMHUtQSE.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>Cox Communications said it is investigating the possible theft of personal information about its employees after a listing appeared on a so-called dark Web site advertising access to email addresses, phone numbers and other information for 40,000 employees of the cable, phone and Internet provider.</p><p>The company released a statement late last week -- after the apparent <a href="http://motherboard.vice.com/read/cox-investigates-as-employee-data-appears-for-sale-on-the-dark-web">breach was reported</a> on by Vice's Motherboard site -- saying: "Cox Communications is aware of this matter and the business-related information to which it relates. The listing did not include any residential customer data. We’re taking this very seriously and have engaged a third-party forensic team to conduct a comprehensive investigation and are actively working with law enforcement. Cox’s commitment to privacy and data security is a top priority for the company." </p><p>[RELATED STORY: Wheeler's FCC expected to take up broadband information-privacy measure <a href="https://www.nexttv.com/news/wheeler-broadband-privacy-item-could-come-month-402995" data-original-url="https://www.multichannel.com/news/wheeler-broadband-privacy-item-could-come-month-402995">as soon as this month</a>.]</p><p>Motherboard reported it obtained a small sample of the data for verification purposes and shared it with Cox.</p><p>Cable companies' customers have been a target for data hacks, including recent ones affecting <a href="https://www.nexttv.com/news/comcast-resetting-about-200k-passwords-395197" data-original-url="https://www.multichannel.com/news/comcast-resetting-about-200k-passwords-395197">Comcast</a> and <a href="https://www.nexttv.com/news/twc-investigates-possible-data-theft-396348" data-original-url="https://www.multichannel.com/news/twc-investigates-possible-data-theft-396348">Time Warner Cable</a>. Cox in November 2015 agreed to pay a $595,000 settlement with the FCC Enforcement Bureau for failing to "properly protect" customer data related to a 2014 hack by "EvilJordie" of the "Lizard Squad." But this most recent apparent hack did not involve residential customer information, Cox said.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ OPM: Data Breach Affected 25 Million ]]></title>
                                                                                                                                                                                                <link>https://www.nexttv.com/news/opm-data-breach-affected-25-million-392079</link>
                                                                            <description>
                            <![CDATA[ OPM: Data Breach Affected 25 Million ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">fiCDHJYPzvqxmsJm1d5TCq</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/Bvr9FV97drTHBzCgKtYqmX-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 09 Jul 2015 20:30:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[cybersecurity]]></category>
                                                    <category><![CDATA[data breaches]]></category>
                                                    <category><![CDATA[Congress]]></category>
                                                                                                <author><![CDATA[ john.eggerton@futurenet.com (John Eggerton) ]]></author>                    <dc:creator><![CDATA[ John Eggerton ]]></dc:creator>                                                                                    <dc:source><![CDATA[ http://cdn.mos.cms.futurecdn.net/ETjt8sjZcQr97v7yakQ4hP.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/Bvr9FV97drTHBzCgKtYqmX-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/Bvr9FV97drTHBzCgKtYqmX-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="Bvr9FV97drTHBzCgKtYqmX" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/Bvr9FV97drTHBzCgKtYqmX.jpg" mos="https://cdn.mos.cms.futurecdn.net/Bvr9FV97drTHBzCgKtYqmX.jpg" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pull-"></p></div></div></figure><p>WASHINGTON — The U.S. Office of Personnel Management on Thursday (July 9) increased the total number of current and former federal employees — as well as spouses, partners and those who tried but failed to get a government job — affected by two separate data breaches to more than 25 million.</p><p>According to an update on the two cybersecurity breaches, the OPM said that while investigating the theft of Social Security numbers, addresses and other information on 4.2 million people, it discovered last month that sensitive information from an additional 21.5 million people, who had supplied data for background checks, had had their personal information stolen.</p><p>The good news is that apparently no health or financial records were affected. The other good news is that, at least to date, the OPM said there is nothing to suggest the stolen information has been misused.</p><p>Those highly likely to have been affected include everyone who underwent a background check investigation dating from 2000, and perhaps even before, though that is less likely, the OPM said.</p><p>At about the same time the OPM was releasing its new and newly troubling figures, bipartisan leaders of the House Energy & Commerce Committee requested info from the Federal Trade Commission and Consumer Financial Protection Bureau on consumer protections following data breaches.</p><p>“It may be possible to streamline the process to reduce fraud following a breach. Therefore, we are writing to learn more about consumer-friendly post-breach protections, including whether the process of activating and inactivating a credit freeze can be made more efficient and less costly,” the lawmakers said.</p><p>They also want a briefing from each agency by July 20.</p><p>Signing on to the letter were the Energy and Commerce Committee chairman Rep. Fred Upton (R-Mich.) and ranking member Rep. Frank Pallone, (D-N.J.); Commerce, Manufacturing, and Trade Subcommittee chairman Michael C. Burgess (R-Tex.) and ranking member Jan Schakowsky (D-Ill.); and Oversight and Investigations Subcommittee chairman Tim Murphy (R-Pa.) and ranking member Diana DeGette (D-Colo.).</p><p>Sen. Ron Johnson (R-Wis.), chairman of the Senate Committee on Homeland Security and Governmental Affairs,was not pleased with the news. “The OPM has finally confirmed what the news media and the FBI have been saying about the data breach for the past month — this unprecedented hack was over six times what we were initially told," he said in a statement. "Today’s announcement shows not only that cybersecurity on federal agency networks has been grossly inadequate but that the management of the OPM is not up to the task of fixing the problem. The agency and the administration have not even been able to correctly define the scope of the problem. This will have grave consequences for national security.”</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
            </channel>
</rss>