Computer Security News and Insights
The Breach That Started With "Company2024!" In January 2024, a mid-size healthcare company lost 2.3 million patient records. The root cause wasn't a sophisticated zero-day exploit. It wasn't a nation-state threat actor. It was an employee who reused the same password across their
The Redundancy in "Computer Security Security" Is the Whole Point When the Colonial Pipeline ransomware attack shut down fuel distribution across the U.S. Southeast in 2021, the root cause wasn't exotic. It was a single compromised VPN credential without multi-factor authentication. One layer failed, and
A Single Email Cost This Company $100 Million In 2015, Ubiquiti Networks disclosed that threat actors used carefully crafted emails — impersonating executives — to trick finance employees into wiring $46.7 million to overseas accounts. That wasn't a mass spam campaign. It was spear phishing: a surgical, researched, devastatingly
In March 2024, a Cisco advisory revealed that a massive brute force campaign was targeting VPN devices, SSH services, and web application portals worldwide — using roughly 28,000 unique IP addresses. The attackers weren't sophisticated. They didn't need to be. They just hammered login pages with
A Single Click Cost One Hospital Chain $100 Million In 2024, Change Healthcare — the largest health payment processing company in the U.S. — was hit by the ALPHV/BlackCat ransomware gang. The attack disrupted claims processing for thousands of providers nationwide. UnitedHealth Group, Change Healthcare's parent company, disclosed
The CEO Who Wired $47 Million to a Criminal In 2016, Austrian aerospace manufacturer FACC lost €42 million (roughly $47 million) after threat actors spoofed the CEO's email and instructed a finance employee to wire funds for a fake acquisition. The employee believed the request was legitimate. The
A Leaderboard Didn't Stop the Breach — But It Helped In 2023, a midsize healthcare provider ran a standard annual compliance video for security training. Completion rates hit 94%. Two months later, a single employee clicked a phishing link that led to a ransomware attack affecting 130,000 patient
Your Employees Are the Breach — 68% of the Time The 2024 Verizon Data Breach Investigations Report found that 68% of breaches involved a non-malicious human element — someone clicked a phishing link, reused a password, or misconfigured a system. That number has held stubbornly steady for years. If you're
A Single Fraud Ring Stole $6 Million Before Anyone Noticed In 2023, the FBI's IC3 received over 880,000 cybercrime complaints with losses exceeding $12.5 billion — a 22% increase from the prior year. A growing share of those losses came from coordinated fraud operations, not lone hackers
In February 2024, Change Healthcare — a subsidiary processing roughly one-third of all U.S. medical claims — was hit by the ALPHV/BlackCat ransomware group. The attack disrupted pharmacy operations nationwide for weeks, cost UnitedHealth Group an estimated $872 million in the first quarter alone, and exposed the personal health data
