Computer Security News and Insights
The $4.88 Million Lesson Most Organizations Still Haven't Learned IBM's 2024 Cost of a Data Breach Report pegged the global average breach cost at $4.88 million — the highest figure ever recorded. The Verizon 2024 Data Breach Investigations Report found that 68% of breaches involved
A Single Click Cost MGM Resorts $100 Million In September 2023, a social engineering phone call to an MGM Resorts IT help desk led to one of the most expensive breaches in hospitality history. The threat actor didn't exploit a zero-day vulnerability. They didn't write a
In May 2024, a single employee at a major healthcare provider clicked a phishing link disguised as a routine benefits update. Within 72 hours, the organization lost access to 14 million patient records and ended up paying a multimillion-dollar ransom. The employee had technically "passed" their annual compliance
In 2024, the average cost of a data breach hit $4.88 million globally, according to IBM's Cost of a Data Breach Report. The same report found that organizations with security awareness training programs and extensive security AI saved an average of $2.22 million per breach compared
In January 2025, a finance employee at a multinational firm joined a video call with what appeared to be their CFO and several colleagues. Every face on the screen was a deepfake. The employee transferred $25 million before anyone realized what happened. That incident — reported by CNN and confirmed by
The Breach That Started With a Single Click In January 2024, Microsoft disclosed that the Russian threat actor Midnight Blizzard compromised a legacy test tenant account using a password spray attack — no multi-factor authentication, no special exploit. Just a weak credential and an employee environment nobody was watching. The attackers
Last October Cost Companies $4.88 Million on Average That's the average cost of a data breach in 2024, according to IBM's Cost of a Data Breach Report. And most of those breaches started the same way — a human clicked something they shouldn't have.
The Breach That Cost a 12-Person Company $1.2 Million In early 2024, a small accounting firm in the Midwest lost $1.2 million after an employee clicked a phishing link disguised as a DocuSign notification. The attacker harvested credentials, bypassed the firm's basic email filters, and initiated
The Breach That Started With a 12-Minute Video Nobody Watched In early 2024, a mid-sized accounting firm in the Midwest suffered a ransomware attack that locked 14 years of client tax records. The entry point? A phishing email that an accounts payable clerk clicked without hesitation. The firm had online
In May 2024, a single employee at a midsize healthcare company clicked a link in what looked like a routine Microsoft 365 password reset email. Within 72 hours, a threat actor had exfiltrated 1.4 million patient records, triggered a ransomware payload, and the organization was staring down an eight-figure
