DataBreachToday.com

Ransomware Gang Everest Claims It Has Leaked All Stolen Data
A revenue cycle management software firm is notifying an undisclosed number of patients of several medical diagnostic labs that their sensitive information, including diagnoses and treatments, was stolen in a November hack. Ransomware gang Everest Group claims it has leaked all the data.

European Commission Rejects Claims of Reduced Multi-Cloud Competition
The European Commission has unconditionally approved Google's takeover of cloud security vendor Wiz, saying customers will retain alternatives in the cloud infrastructure and security markets even as critics warned the $32 billion deal could entrench Google's ecosystem.

Nation State Hackers Escalating Attacks on US Defense Industrial Base, Report Says
A new report from Google Threat Intelligence Group warns that state-backed hackers are escalating attacks on the defense industrial base, shifting from classic espionage to supply-chain compromise, workforce infiltration and battlefield-adjacent cyber operations.

Redmond Rolls Out 2 Desktop Security Initiatives
Microsoft is touting changes to Windows meant to ensure better runtime security and user prompts when apps access sensitive desktop resources such as files, a camera or microphone. Other controls include blocking legacy authentication protocols to ensure use of multifactor authentication.

Enabling Practical Endpoint Control Without Productivity Trade-offs
Removing local admin rights often creates helpdesk and user friction. An identity-first model reduces risk while keeping business operational. Join CyberArk's practical webinar session to learn how identity-first endpoint control replaces standing admin rights with just-in-time access.

2023 and 2024 Ransomware Breaches Affected More Than 2.5M
Michigan-based McLaren Health Care has agreed to pay $14 million to settle consolidated class action litigation involving two ransomware attacks - allegedly by Alphv/BlackCat in 2023 and by Inc Ransom in 2024 - that affected about 2.5 million patients and employees.

AI Elevates CDO Job From Gatekeeper to Data-Driven Change Agent
The chief data officer is being pushed out of the shadows and into the C-suite spotlight with the rise of AI. While the role emerged as one rooted in compliance and risk management, it has evolved to be a business driver, holding the keys to value creation and human-centered transformation.

Security Service Says China-Linked Actor Compromised Vulnerable Network Devices
Norway's security service confirmed it was targeted by the China-linked Salt Typhoon campaign, marking one of Europe’s clearest public acknowledgements that the cyberespionage operation extended beyond U.S. telecom and federal networks into allied infrastructure.

Shadow Aeza International Directed Traffic to Malicious Adtech
A financially motivated threat actor hacked dozens of domain name system resolvers, connecting them to the infrastructure of a Russian bulletproof hosting service sanctioned by the U.S. Department of Treasury for its criminal links, researchers found.

European Commission Intends to Force Meta to Open Chat App to Third Party AI
The European Commission said Meta appears to have broken antitrust law by blocking third-party AI assistants from interfacing with their users through WhatsApp. It gave notice to parent company that Europe intends to open up WhatsApp to third-party general-purpose AI assistants.

Cadence Bank's Brent Phillips Focuses on Controls for Online Account Opening
Financial institutions face rising losses from first-party fraud schemes that begin with online account opening. One of the most effective ways to reduce exposure involves practical, risk-based controls that limit how much trust new customers receive before their behavior can be established.

Ivanti's Endpoint Manager Mobile Flaws Under Active Exploitation
The European Commission fell victim to a cyberattack that could have allowed the theft of some staff personal information. The European Union's executive body said Friday it detected on Jan. 30 an attack on its "central infrastructure managing mobile devices."

CEO Nitay Milner Says Large Language Models Cut False Positives and Policy Sprawl
Orion Security has secured $32 million in Series A funding led by Norwest Venture Partners to replace policy-driven data loss prevention with large language models. CEO Nitay Milner says AI enables real-time context that legacy DLP tools can't achieve at scale.

Experts Advise Moving From Verifying Identities to Knowing Agent Intentions
Financial institutions are rushing to deploy AI agents capable of autonomously initiating transactions, approving payments and freezing accounts in real time. But agents are creating a "dual authentication crisis" that traditional security frameworks cannot address.

'Kill Switch' Fears Drive EU Tech Sovereignty Push
Europe is quietly planning to set up a secure military data-sharing platform - without U.S.-made technology. Discussions about the need for more European tech infrastructure have heavily accelerated in recent months, although there's debate about whether the EU can really replace U.S. hyperscalers.

CEO Jay Chaudhry: SquareX Deal Targets Unmanaged Devices and Third-Party Access
Zscaler has acquired SquareX to deliver browser security through extensions rather than endpoint agents or stand-alone browsers. CEO Jay Chaudhry said the approach speeds deployment, improves security for unmanaged devices, and accelerates time-to-market by up to a year.