Posts tagged with multi-factor authentication explain how layered identity verification strengthens access security. Coverage includes MFA implementation strategies, authenticator app comparisons, hardware token options, and best practices for deploying MFA across enterprise environments.
posts
In February 2024, a threat actor compromised a single employee's account at Change Healthcare, triggering the largest healthcare data breach in U.S. history — affecting roughly 100 million people. The entry point? An account that lacked multi-factor authentication entirely. UnitedHealth Group CEO Andrew Witty confirmed this during congressional
That Gmail Alert Isn't Always What You Think In September 2023, the FBI's Internet Crime Complaint Center warned that business email compromise — much of it involving compromised Gmail and Google Workspace accounts — resulted in over $2.9 billion in reported losses during 2023 alone. A single
In January 2023, PayPal disclosed that threat actors had compromised nearly 35,000 user accounts through credential stuffing — not by breaking PayPal's systems, but by exploiting reused passwords harvested from other breaches. That incident made headlines, but it's the quieter, daily grind of PayPal phishing attacks
In January 2024, a finance worker at engineering firm Arup wired $25 million to criminals after joining a video call with what appeared to be the company's CFO and several colleagues. Every person on that call was a deepfake. The attack started with what every phishing scam starts
The $4.88 Million Wake-Up Call You Can't Afford to Ignore IBM's 2024 Cost of a Data Breach Report pegs the global average cost of a breach at $4.88 million — the highest figure ever recorded. That's not a typo. And it's
In February 2024, Change Healthcare — one of the largest health payment processors in the United States — was brought to its knees by a ransomware attack. Patient data for potentially tens of millions of Americans was exposed. The initial access vector? Stolen credentials on a system that lacked multi-factor authentication. One
In March 2024, UnitedHealth Group's subsidiary Change Healthcare was hit by a ransomware attack that disrupted insurance claim processing for hospitals and pharmacies across the United States. The company reportedly paid a $22 million ransom. The attack vector? Stolen credentials used to access a remote system that lacked
In February 2024, Change Healthcare — one of the largest health technology companies in the U.S. — got hit with a ransomware attack that disrupted pharmacies, hospitals, and insurance claims processing across the entire country. UnitedHealth Group confirmed the breach affected a substantial portion of the American population. The attack vector?
In February 2024, the FBI's Internet Crime Complaint Center reported that Americans lost over $12.5 billion to cybercrime in 2023 — a 22% increase from the year before. A staggering number of those complaints originated from personal devices. Not corporate servers. Not government networks. Home computers. So how
In January 2024, a finance employee at a multinational firm in Hong Kong wired $25 million to threat actors after a deepfake video call convinced him his CFO had authorized the transfer. It started with a phishing email. Every catastrophic breach I've investigated over the past decade traces
