DataBreachToday.com

Union Health System Among Many Cerner Legacy Data Clients Affected by Breach
An Indiana health system is among the first healthcare organizations notifying regulators and thousands of people affected by the Oracle hack in January. Attackers compromised legacy patient data hosted by Cerner servers that were set to migrate to Oracle's cloud environment.

CISOs Seek Real Value as Vendors Tout the Latest Batch of AI-Driven Solutions
As the conversation shifts from generative to agentic AI, it's clear that AI holds tremendous potential to ease zero trust fatigue, but only when guided by business context, quality data and human oversight. CISOs see AI as a "basket of opportunities but plenty of "vendor blind spots."

Srivatsan Replaces Prakash Panjwani, Who Led WatchGuard's Push Beyond the Network
The former chief operating officer of SentinelOne and chief strategy officer of Palo Alto Networks has been named interim leader of MSP security stalwart WatchGuard. WatchGuard tapped Vats Srivatsan to serve as interim CEO beginning Wednesday and tasked him with scaling its platform.

Also: Iberian Blackout, Delta Faces Lawsuit Linked to CrowdStrike Outage
Every week, ISMG rounds up cybersecurity incidents and breaches around the world. This week: Mirai Botnet Exploits Flaws in GeoVision, the Iberian blackout under investigation, dueling cybersecurity advisories from India and Pakistan, Delta must face a lawsuit linked to CrowdStrike outage.

Criminals Extort School Employees After Vendor Paid for Data-Deletion Promise
Students, gather round for the sad story of how PowerSchool got schooled not once, but twice. Surprise: attackers who received a ransom payment in return for a promise to delete data they stole from PowerSchool pertaining to students and teachers didn't actually delete the data.

Not Just Ransomware But Verbal Disclosure of Personal Data Common, Watchdog Finds
Two decades after California Senate Bill 1386 introduced the world to data breach notifications, organizations have collectively battened down their cybersecurity hatches and fixed the problem once and for all. Of course, I'm joking, with the results of recent data breach root cause report in hand.

Exposes Details of Victims, 'Aggressive' Negotiations, Cryptocurrency Addresses
One year to the day after an international law enforcement operation unmasked and indicted the leader of the notorious LockBit ransomware group, a hacker has sent the group another love letter.

Also: Mango Markets Hacker Sentenced in CSAM Case
This week, Trump's crypto wealth, Mango Markets hacker sentenced for CSAM, Solana's zero-day fix, French police rescued a crypto millionaire's father from kidnappers, stolen bitcoin frozen, US FTC sued IML and Kraken spotted a North Korean job applicant.

Agentic AI Is More Than Just the Latest Cybersecurity Buzzword at RSAC Conference
At RSAC 2025, the message came through loud and clear: Agentic AI is no longer just a concept. It's being deployed today. While much of the buzz focused on performance gains and trust concerns, another story emerged - one that speaks directly to security professionals and those entering the field.

NIH, CMS Project Raises Patient Data Privacy Concerns, Advocates Say
The U.S. Department of Health and Human Services said it will build a data platform "allowing researchers to 'securely'" access data from Medicare and Medicaid claims, patient electronic medical records and consumer wearables to better understand autism spectrum disorder causes and treatments.

Masimo Told SEC Hack Affects On-Premises Systems, Operations and Distribution
A cyberattack against on-premises systems is affecting product manufacturing, fulfillment and distribution operations of Masimo, a manufacturer of patient monitoring devices, the California-based company told the U.S. Securities and Exchange Commission on Tuesday.

Funding Will Fuel R&D Push Into Automated Remediation and Risk Prioritization Tools
With code increasingly generated by AI and attackers using AI for exploits, OX Security raised $60 million to scale R&D and help developers prioritize critical vulnerabilities. The company aims to close detection gaps and reduce time-to-remediation in application security.

FIDO-Based Authentication to Replace SMS-Based Verification, Says UK NCSC
The U.K. government is set to replace SMS-based verification systems for digital services with passkeys later this year in a bid to shore-up cyber defenses. The authentication initiative is being developed by the U.K. National Cybersecurity Center using FIDO standards.

Chris Wysopal of Veracode on How AI Boosts Code Production and Vulnerabilities
AI delivers a 50% increase in developer productivity, but with more code comes more vulnerabilities. Chris Wysopal, chief security evangelist at Veracode, shares developments in secure code practices and how regulatory pressures are improving prioritization of secure code.

UK Government Announces Plans to Shore Up Cyber Defenses
The proposed Cybersecurity and Resilience bill will help shore up cyber defenses for U.K. businesses being targeted by cybercriminals, minister for intergovernmental relations Pat McFadden told CyberUK attendees on Wednesday. Recent retailer hacks should be a "wake up call" for businesses.

New Research Uncovers Tokenizer Blind Spots in Leading LLMs
Subtle obfuscation techniques can systematically evade the guardrails that today's large language models rely on. Researchers from Mindgard team found that adversaries can "smuggle" malicious payloads past tokenizers using emojis, zero-width spaces and homoglyphs.

Loss of 5% of Staff Is Cybersecurity Industry's Second-Largest Workforce Reduction
CrowdStrike plans to ax 500 employees as the endpoint security behemoth looks to operate more efficiently and uses artificial intelligence to "flatten[s] our hiring curve. The company revealed plans to reduce its nearly 10,000-person staff by 5% to scale its business with more focus and discipline.