DataBreachToday.com

Trapets CEO Gabriella Bussien on Why Banks Need to Fine-Tune, Automate KYC Processes
KYC protocols traditionally focus on account-level verification, but examining KYC at the product level can help banks assess risk more accurately. Asking targeted questions based on product risk enables institutions to detect potential financial crimes, said Gabriella Bussien, CEO of Trapets.

Also: LottieFiles Attack, Craig Wright's Contempt of Court
This week, Metawin hacks, LottieFiles attack, hackers used Ethereum smart contracts to target npm developers, Craig Wright faced contempt of court, Alameda sued KuCoin, Binance sought dismissal of a U.S. Securities and Exchange lawsuit, and Immutable received a Wells Notice.

Also: Ransomware Hackers Demand Baguettes
This week, Chinese spying, Italian hacking scandal, an FBI warning and Okta fixed a bug. Google mandated MFA, zero days in PTZOptics and a Mexican airport didn't pay ransom. Cybercriminals demanded baguettes, breach lettersin Ohio and Germany will shield white hats. The Italian DPA rebuked a bank.

Did Data Theft at Firm Also Affect Other Clients' Information?
A hacking incident at Thompson Coburn, a national law firm based in Missouri, has affected an unspecified number of patients of a healthcare sector client, Presbyterian Healthcare Services in New Mexico. But a big unanswered question is whether other clients were affected.

Experts on Potential Data Security and HIPAA Privacy Changes in Trump's Second Term
With Donald Trump set to return to the White House to serve another four-year term as U.S. president, what might the healthcare sector expect to see when it comes to his next administration's cybersecurity priorities and HIPAA regulations and enforcement? Experts weigh in.

Policy Shift Allows Military Contractors, Security Agencies Access to Its AI Model
Meta revised its policy to permit U.S. defense contractors and national security agencies to use its AI model, Llama, previously restricted from military applications, announcing that it has partnered with firms including Lockheed Martin and Palantir.

Dunnhumby CISO on Building Resilience and Tackling Transformation
Martyn Booth has found that leadership means resilience, adaptability and fostering a collaborative, diverse team. Leading transformation efforts at global customer data science firm Dunnhumby, Booth stressed the value of having a strong foundation and strategic partnerships.

Purchasing Israeli Startup Will Expand SaaS Security and Identity Threat Protection
CrowdStrike has agreed to acquire SaaS security leader Adaptive Shield to deliver identity-based protection across cloud and hybrid environments. The acquisition offers clients comprehensive SaaS security posture management, bridging on-premises and cloud identity defenses to thwart modern threats.

Security Professionals Must Continually Hone Technical and Communication Skills
In cybersecurity, there's no such thing as "done learning." The field's dynamic nature - driven by rapid technological advances and evolving threats - demands that professionals stay adaptable and proactive. It's essential for staying relevant, effective and prepared for what's next.

Burning Issues Include Russian Hacking, China's Hitting Critical Infrastructure
Four years since Trump's last term, the cyber picture looks - in many ways - markedly different. How will the incoming administration tackle Russian disinformation and cyber operations against NATO, rampant Chinese cyber espionage, and cybercriminals and ransomware continuing to disrupt businesses?

CyberEspionage 'Salt Typhoon' Operation Infiltrated Telcos' Infrastructure
The impact of a major U.S. national security breach attributed to China reportedly continues to expand, as investigators probe the infiltration of telecommunications infrastructure and eavesdropping on national security and policymaking officials' mobile phone communications.

Former President’s Win Could Bring Major Changes to U.S. Cyber Policy, Experts Say
Republican Donald Trump's return to the White House in January could bring significant changes to technology and cybersecurity policy in the United States, potentially reshaping federal approaches to AI regulation, industry investment and national security against rising digital threats.

Key Steps for Healthcare Organizations to Safeguard Sensitive Data
Cyber risk reduction is critical as the healthcare landscape has undergone dramatic shifts - a significant portion of the workforce has transitioned to remote work and digital services have surged, breeding new cybersecurity threats and vulnerabilities.

3 Countries Taking Different Approaches to Accountability and Victim Compensation
Governments globally are intensifying anti-scam measures, introducing new guidelines to banks, telecom providers and other key sectors to bolster security controls and mitigate fraud risks for consumers and businesses. Some new frameworks threaten to levy stiff penalties for non-compliance.

Medicare 2025 Pay Rule for Physicians Hints of Possible New Cyber Expectations
Federal regulators are again signaling that stronger cybersecurity practices could be tied to financial incentives for doctor offices that participate in Medicare. The regulatory lever may be the Centers for Medicare and Medicaid Services Merit-based Incentive Payment System.

Russian Threats Aim to Disrupt Nationwide Voting as Americans Flock to the Polls
U.S. intelligence agencies warned that Russian interference efforts are escalating on Election Day as millions of Americans cast their ballots nationwide. The Cybersecurity and Infrastructure Security Agency said it was not tracking significant threats to the vote.

CEO Rod Schultz Aims to Bridge External, Internal Data Challenges, Eyes CISO Bonds
New Bolster CEO Rod Schultz shares his priorities in combating AI-based fraud, underscoring the potential of internal data security solutions. Schultz sees Bolster’s established brand protection tools as a foundation for addressing broader enterprise data security needs and better engaging CISOs.

French Ministry Says Talks Are Ongoing to Acquire Cybersecurity Unit
French IT consultancy Atos on Tuesday announced the sale of a power grid consulting and engineering services unit days after some French lawmakers pushed for nationalizing the beleaguered company. The French government considers the company strategically important.