Ransomware DataBreachToday.com

Lawmakers Warn of Security Risks as DOGE is 'Running Roughshod' in Federal Systems
Democrats on Capitol Hill are calling on the White House to provide transparency into billionaire Elon Musk's attempts to shrink the U.S. government after reports indicated his unvetted aides gained access to key federal systems containing troves of sensitive data on millions of Americans.

Incident Response Firm Reports 25% of Victims Paid - Typically for a Decryptor
The slice of organizations opting to pay extortion after being hit by ransomware dropped to an all-time low of 25%. Underpinning the drop is a combination of better defenses, improved business resilience as well as organizations simply deciding to not pay criminals.

Former ConnectWise CEO Plans US Growth, Operational Maturity, Product Innovation
Jason Magee, newly appointed CEO of Cynet, wants to grow the company’s presence in the U.S. He aims to increase domestic revenue to 60%, expand partnerships and refine Cynet’s all-in-one security platform. His leadership strategy also prioritizes the education, healthcare and manufacturing sectors.

Could Open-Source AI Redefine the Future? Here's What Experts Say
Open-source AI is shaking up the industry, challenging traditional large and small language models and raising new security concerns. With DeepSeek-R1 leading the charge, experts weigh in on the risks, rewards and the future of AI monetization. Is the future of AI open - or are we headed for new challenges?

Analyst Allie Mellen on Open-Source AI Adoption, Vendor Considerations, Data Risks
AI adoption is accelerating across security operations, but DeepSeek has introduced security, privacy, and geopolitical risks that organizations should carefully assess. Forrester's Allie Mellen shares advice on AI adoption by cybersecurity, third-party risks and data protection.

Attacks Hit Hospitals, Clinics in California, Alabama and Colorado
Three healthcare entities - including a California hospital and outpatient care provider, an Alabama cardiology practice, and a Colorado community health system, are notifying a total of more than 1.2 million individuals that their sensitive information was compromised in 2024 hacks.

FIs Expected to Move from Periodic Reviews to Perpetual KYC
Banks are struggling to keep up with evolving KYC expectations. Despite efforts to modernize, outdated processes continue to leave compliance gaps, leading to increased regulatory action. Penalties for financial institutions surged with KYC-related fines more than doubling to $51 million.

Espionage and Cybercrime Campaign Tied to 7-Zip Mark-of-the-Web Bypass Hits
Russian hackers targeting Ukrainian government agencies and businesses - including a major automotive manufacturer - have been targeting a zero-day vulnerability in the open source and widely used 7-Zip archive utility, to infect systems with credential-stealing SmokeLoader malware.

OneTrust's Ojas Rege Details Act Requirements, AI Governance Challenges
The first set of rules banning high-risk AI systems under the European Union AI Act went into effect on Sunday. Starting this week, companies are now barred from deploying AI-driven emotion recognition in the workplace and schools. OneTrust's Ojas Rege discusses the implications.

3rd Round of Layoffs in 3 Years Comes as Rival CyberArk Surpasses Okta's Valuation
Okta will execute its third round of layoffs in three years, cutting 180 employees to reallocate resources toward priorities to drive growth. The San Francisco-based identity security giant on Tuesday shared plans to reduce its staff by 3% in what has become somewhat of an annual tradition for Okta.

'Frontier AI Framework' Identifies Risk Categories, Action Plan
Meta has set new limits on the release of its advanced artificial intelligence models, establishing a framework detailing the criteria for restricting systems deemed too dangerous for public release. Meta's Frontier AI Framework identifies two risk categories: high and critical.

US to Investigate Whether DeepSeek Bypassed Export Controls to Obtain Nvidia Chips
Singapore has vowed to investigate allegations that Chinese artificial intelligence company DeepSeek flouted U.S. export controls to obtain high-performance Nvidia chips to power its flagship R1 reasoning application through intermediaries based in the island nation.

Security Concerns, Chinese Ownership Drive Concerns
U.S. federal agencies and corporations with ties to the government are blocking employees from using Chinese chatbot DeepSeek over security and privacy concerns. China could potentially use DeepSeek AI models to spy on American citizens, acquire proprietary secrets and conduct influence campaigns.

'Advanced Planning Unit' to Focus on Societal, Economic, Workplace Implications
Microsoft has created a new research-focused entity as part of its artificial intelligence division to analyze and anticipate the technology's societal, economic and workplace implications. It will report directly to Mustafa Suleyman, CEO of Microsoft AI.

Lawmakers Demand Answers After Musk Aides Gain Access to Key Payment Systems
Reports that a Trump administration task force headed by Elon Musk gained access to sensitive government systems have rattled the cybersecurity community amid fears of misuse. "Working for Elon Musk does not give you some supernatural shield of cyber invulnerability," said Mark Montgomery.

At the Same Time, the Total Number of Breach Notifications to Consumers Increased
The total amount of annual fines imposed by European privacy regulators fell in 2024 for the first time since the EU's pioneering data protection law came into effect, even as the number of data breach notifications continued to increase, report legal privacy researchers.

UK Banks Face Adoption Challenges and Cybersecurity Concerns
Despite its promise of innovation and cost efficiency, banks in the United Kingdom continue to struggle with the adoption of open banking. Consumer awareness, security concerns and a lack of incentives remain hurdles as stakeholders push for broader integration.

OpenAI's New Cost-Efficient AI Reasoning Model Excels in Math, Coding and Science
OpenAI has launched o3-mini, a high-performance AI model optimized for STEM tasks. The model offers enhanced reasoning abilities, reduced latency, and features like function calling and structured outputs. Available in ChatGPT and API, o3-mini surpasses its predecessor in coding and math accuracy.

Health Records of Children, Deceased Patients Among Compromised Data
Community Health Center, which has a dozen primary care, dental and other clinics in Connecticut, is notifying nearly 1.1 million people - including pediatric patients and their parents and guardians - that their information was potentially stolen in a cyberattack detected earlier this month.

Governmental Agencies Won't Meet 2025 Goal of Bolster Cybersecurity
The British government fell short of its goal of significantly fortifying civilian IT systems to withstand cyberattacks by 2025, warned auditors in a report highlighting that much of officialdom runs on legacy systems. Nearly half of the government IT budget goes to keeping legacy systems running.