DataBreachToday.com

Illumio's Raghu Nandakumara on Seeing the Broader Implications of Cyber Incidents
Seeing risk is not the same as understanding it. Raghu Nandakumara, vice president of industry strategy at Illumio, explains how organizations can move beyond mere visibility to actionable context for building stronger resilience.

Cloudflare's Christian Reilly on Practical AI Security, Extreme AI Implementation
Christian Reilly, field CTO at Cloudflare, shares how organizations can harness artificial intelligence technology while maintaining security. He warns against extreme AI approaches and emphasizes practical security measures for enterprise adoption.

Splx Says Hardened Prompts Lower Hallucinations But Security Gaps Persist
DeepSeek is touting its newest model as its entry into the "agent era" and performance benchmarks show a notable leap in capabilities. Security testing shows progress and persistent vulnerabilities in the Chinese company's upgraded V3.1 model. The raw model swore in response to testing prompts.

Now-Dormant Gang Claimed North Carolina, Florida Groups on Data Leak Site This Year
Two medical practices - in North Carolina and Florida - are notifying a total of more than 700,000 patients whose information was potentially stolen in separate hacks earlier this year. The now-dormant ransomware gang BianLian had claimed both organizations as victims on its dark website.

Sumitomo's Sawant on the Internal Risks of Autonomous AI Agents
Autonomous AI agents are shifting the nature of insider threats by operating at machine speed and mimicking human-level access and privilege. These synthetic entities can act independently within systems and carry out actions traditionally reserved for human users, introducing new security risks.

Juvenile Male Tied to Hack Attacks Against MGM Resorts and Caesars Entertainment
The net continues to close on suspected members of the notorious ransomware-wielding group called Scattered Spider, with Las Vegas police announcing the arrest of a teenage, juvenile male suspect tied to 2023 attacks that hit MGM Resorts and Caesars Entertainment.

CISOs, Regulators and Innovators Unite in New York to Safeguard Healthcare's Future
From discussions on health data explosion to the keynote on AI deployment, the Healthcare Security Summit: New York offered practical strategies to manage data risks, ensure continuity of patient care and prepare for a regulatory landscape that is rapidly reshaping cybersecurity priorities.

Speaker for Upcoming CS4CA Europe London Event Discusses OT Risk and Collaboration
IT and OT teams at critical infrastructure companies face the imperative of balancing digitalization and automation with cybersecurity. In advance of the CS4CA Europe London Conference (Sept. 30 - Oct. 1, 2025), event speaker Marta Majtenyi previews some of the major themes.

Major European Airports Continue to Face Service Disruptions Following Friday Hack
European cyber defenders classified as a ransomware attack an incident that disrupted several major European airports including London Heathrow resulting in flight cancelations and delays over the weekend and Monday.

Airports in Brussels, Berlin, and the UK and Ireland Impacted
Flight cancellations and delays lasting hours at several major European airports including London's Heathrow on Saturday occurred after a cyberattack against a provider of check-in and boarding systems. Hackers late Friday targeted software developed by Collins Aerospace.

New Texas health information legislation that began to go into effect on Sept. 1 includes several noteworthy provisions including requirements related to health record data storage and artificial intelligence, said regulatory attorney Rachel Rose. Rose explains the significance of the new state law.

Hackers Accessed Backup Firewall Preference Files
Firewall maker SonicWall is telling customers to reset credentials after hackers stole firewall configuration backup files stored in its cloud service. Hackers launched brute force attacks against servers storing backup files. They stole configuration data of roughly 5% of the install base.

Funding Supports Threat Hunting, Natural Language to Replace Legacy Detection
Vega aims to replace patchwork AI integrations with an analytics layer that enables real-time, natural language detection across distributed data. Backed by Accel, the company will double headcount, improve detection tuning and reduce false positives without a SIEM rip-and-replace required.

FBI Director Claims 'Supremely Qualified' Unnamed Leaders Replaced Cyber Officials
The FBI is facing growing scrutiny over reported unfilled cyber leadership roles and morale issues following politically charged dismissals, even as cybercrime hits $16.6B and hackers spoof FBI platforms - raising concerns about the bureau’s readiness to counter digital threats.

Startup Simulates Offensive and Defensive AI to Test and Thwart AI-Based Threats
Irregular secured $80 million in funding to turn its research into scalable security tools for businesses adopting AI. With growing offensive AI capabilities, the company is racing to productize simulations that detect vulnerabilities before attackers do.

Default credentials, weak passwords, misconfigurations and a variety of other security shortcomings are exposing millions of medical devices and their data on the internet, said Soufian El Yadmani, CEO and co-founder of Modat, who shared recent research findings.

Users Download Malware in Bid to Placate Meta
A newly surfaced FileFix social engineering campaign puts a new spin on ClickFix attacks by goading users into loading malware under the guise of reporting a wrongful account suspension to social media giant Facebook. Victims likely get sucked into the scam by following a link from a phishing email.

Also, Colt Services Outage Persists, Finland Charges Americans in Vastaamo Hack
This week, Microsoft hit RaccoonO365, Colt Technology Services, Finland charged a U.S. citizen in Vastaamo hack. RevengeHotels hackers used AI, Meta can't overturn a privacy case verdict. Chinese hackers unleashed spear phishing emails. Prosper confirmed a data breach, as did Kering fashion houses.

Silicon Valley Startup Brings AI Agent and Prompt Injection Protections to Falcon
CrowdStrike plans to purchase Pangea to add native AI detection and response capabilities to its Falcon platform. The company says the acquisition will help secure AI models and users alike from preventing prompt injection to tracking agent activity across enterprise environments.