Computer Security News and Insights
A $4.88 Million Question Most People Answer Wrong In 2024, the average cost of a data breach hit $4.88 million globally, according to IBM's Cost of a Data Breach Report. That number isn't abstract. It's real money drained from real organizations — many
The Breach That Started With a Single Click In 2023, MGM Resorts lost an estimated $100 million after a threat actor called Scattered Spider social-engineered an IT help desk employee. One phone call. One credential reset. That's all it took to bring a $14 billion company to its
A school district in Arizona lost $3.5 million in January 2024 after a single employee followed a spoofed email's wire transfer instructions. No malware. No sophisticated zero-day exploit. Just one person who didn't recognize a social engineering attack. That's why most computer security
In February 2024, Change Healthcare — one of the largest health payment processors in the U.S. — was hit by the ALPHV/BlackCat ransomware group. The attack disrupted claims processing for hospitals and pharmacies nationwide, exposed protected health information for an estimated 100 million people, and reportedly led to a $22
Your Bank Just Called. Except It Didn't. In 2023, the FBI's Internet Crime Complaint Center reported over $1.2 billion in losses from call center fraud and impersonation scams. A significant chunk of those losses started the same way: a spoofing caller displaying a legitimate number
In 2023, the FBI's Internet Crime Complaint Center (IC3) reported that business email compromise caused $2.9 billion in adjusted losses — making it the single most financially devastating cybercrime category they track. Not ransomware. Not credential theft rings. BEC. And that number only reflects what gets reported. I&
In January 2026, a major U.S. healthcare network disclosed that threat actors had exfiltrated over 3 million patient records after compromising a single employee's credentials through a phishing email. It wasn't sophisticated malware. It wasn't a zero-day. It was a fake password-reset page.
The Average Company Runs 130 SaaS Apps — And Secures Maybe Half In early 2024, a threat actor breached Snowflake customer environments — not by exploiting a zero-day, but by using stolen credentials harvested from infostealer malware. The result? Hundreds of millions of records exposed across companies like Ticketmaster and AT&
A Single Misconfigured S3 Bucket Exposed 540 Million Facebook Records Back in 2019, researchers at UpGuard discovered that two third-party Facebook app developers had left hundreds of millions of user records sitting in publicly accessible Amazon S3 buckets. No hacking required. No sophisticated exploit. Just wide-open cloud storage that anyone
The Breach That Exposed 147 Million People — and a Broken Plan When Equifax disclosed its 2017 breach, the company technically had a data breach response plan. They had security teams, legal counsel, and a PR department. What they didn't have was a plan that actually worked under pressure.
