Computer Security News and Insights
Every October, Organizations Pretend to Care About Security Last October, a mid-sized healthcare company ran a poster campaign for Cybersecurity Awareness Month. Inspirational quotes about passwords. A lunch-and-learn nobody attended. Two weeks later, a threat actor walked through their defenses using a single phishing email that an accounts payable clerk
The Breach That Cost a 12-Person Company Everything In 2023, a small accounting firm in Sacramento lost access to every client file it had. A single employee clicked a link in what looked like a DocuSign notification. Within four hours, ransomware had encrypted the entire network. The ransom demand was
The Breach That Bankrupted a 40-Person Company In 2023, a small accounting firm in Sacramento lost every client record it had. A single employee clicked a phishing link disguised as a DocuSign notification. Within 72 hours, a threat actor had deployed ransomware across the entire network. The firm paid $350,
A $4.88 Million Problem That Slides Right Past Your Firewall IBM's 2024 Cost of a Data Breach Report pegged the global average breach cost at $4.88 million. The leading initial attack vector? Phishing and stolen credentials — both of which target people, not servers. Yet most organizations
In 2023, MGM Resorts lost an estimated $100 million after a threat actor social-engineered a help desk employee with a ten-minute phone call. The attacker didn't exploit a zero-day vulnerability. They didn't write custom malware. They called IT support, impersonated an employee found on LinkedIn, and
The Accountant Who Cost Her Company $2.3 Million She wasn't careless. She wasn't stupid. She was a 15-year veteran of her firm's finance department, and she followed what she thought was a legitimate email from the CEO asking for an urgent wire transfer.
The $1.1 Billion Problem You Can't Afford to Ignore In 2023, ransomware payments exceeded $1.1 billion globally, according to Chainalysis. That number only captured what was paid — not the downtime, legal fees, regulatory penalties, or permanent reputational damage. I've worked with organizations that survived
In May 2021, Colonial Pipeline paid a $4.4 million ransom to the DarkSide threat actor group after a single compromised password shut down fuel distribution across the U.S. East Coast. Gas stations ran dry. Panic buying erupted. And one of the most critical infrastructure networks in the country
The Attack That Shut Down 100 Million Prescriptions In February 2024, a ransomware attack on Change Healthcare paralyzed pharmacy operations across the United States. Hospitals couldn't process claims. Patients couldn't fill prescriptions. UnitedHealth Group ultimately disclosed the breach affected roughly 100 million individuals — the largest healthcare
The Attack That Paralyzed a Hospital System for 28 Days In 2024, Ascension Healthcare — one of the largest health systems in the United States — was hit by the Black Basta ransomware group. The attack disrupted operations across 140 hospitals. Clinicians reverted to paper records. Ambulances were diverted. It took nearly
