DataBreachToday.com

2023 and 2024 Ransomware Breaches Affected More Than 2.5M
Michigan-based McLaren Health Care has agreed to pay $14 million to settle consolidated class action litigation involving two ransomware attacks - allegedly by Alphv/BlackCat in 2023 and by Inc Ransom in 2024 - that affected about 2.5 million patients and employees.

AI Elevates CDO Job From Gatekeeper to Data-Driven Change Agent
The chief data officer is being pushed out of the shadows and into the C-suite spotlight with the rise of AI. While the role emerged as one rooted in compliance and risk management, it has evolved to be a business driver, holding the keys to value creation and human-centered transformation.

Security Service Says China-Linked Actor Compromised Vulnerable Network Devices
Norway's security service confirmed it was targeted by the China-linked Salt Typhoon campaign, marking one of Europe’s clearest public acknowledgements that the cyberespionage operation extended beyond U.S. telecom and federal networks into allied infrastructure.

Shadow Aeza International Directed Traffic to Malicious Adtech
A financially motivated threat actor hacked dozens of domain name system resolvers, connecting them to the infrastructure of a Russian bulletproof hosting service sanctioned by the U.S. Department of Treasury for its criminal links, researchers found.

European Commission Intends to Force Meta to Open Chat App to Third Party AI
The European Commission said Meta appears to have broken antitrust law by blocking third-party AI assistants from interfacing with their users through WhatsApp. It gave notice to parent company that Europe intends to open up WhatsApp to third-party general-purpose AI assistants.

Cadence Bank's Brent Phillips Focuses on Controls for Online Account Opening
Financial institutions face rising losses from first-party fraud schemes that begin with online account opening. One of the most effective ways to reduce exposure involves practical, risk-based controls that limit how much trust new customers receive before their behavior can be established.

Ivanti's Endpoint Manager Mobile Flaws Under Active Exploitation
The European Commission fell victim to a cyberattack that could have allowed the theft of some staff personal information. The European Union's executive body said Friday it detected on Jan. 30 an attack on its "central infrastructure managing mobile devices."

CEO Nitay Milner Says Large Language Models Cut False Positives and Policy Sprawl
Orion Security has secured $32 million in Series A funding led by Norwest Venture Partners to replace policy-driven data loss prevention with large language models. CEO Nitay Milner says AI enables real-time context that legacy DLP tools can't achieve at scale.

Experts Advise Moving From Verifying Identities to Knowing Agent Intentions
Financial institutions are rushing to deploy AI agents capable of autonomously initiating transactions, approving payments and freezing accounts in real time. But agents are creating a "dual authentication crisis" that traditional security frameworks cannot address.

'Kill Switch' Fears Drive EU Tech Sovereignty Push
Europe is quietly planning to set up a secure military data-sharing platform - without U.S.-made technology. Discussions about the need for more European tech infrastructure have heavily accelerated in recent months, although there's debate about whether the EU can really replace U.S. hyperscalers.

CEO Jay Chaudhry: SquareX Deal Targets Unmanaged Devices and Third-Party Access
Zscaler has acquired SquareX to deliver browser security through extensions rather than endpoint agents or stand-alone browsers. CEO Jay Chaudhry said the approach speeds deployment, improves security for unmanaged devices, and accelerates time-to-market by up to a year.

AI Assistant Executes Hidden Commands Embedded in Docker Image Labels
A vulnerability in Docker's Ask Gordon AI assistant allows attackers to execute malicious commands by hiding them in the container application development platform's image metadata, said security researchers. Dubbed DockerDash, the vulnerability exploits a failure across Docker's AI execution chain.

Database Misconfiguration Exposed 1.5 million API Tokens
A misconfigured database at Moltbook, the viral social network for AI agents, exposed 1.5 million API authentication tokens, 35,000 email addresses, and private messages. Security researchers discovered unauthenticated read and write access to all platform data within days of launch.

Varonis CEO Yaki Faitelson Warns Misconfigured AI Is an Accident Waiting to Happen
Varonis has acquired AllTrue.ai to close visibility gaps in AI security. CEO Yaki Faitelson said enterprises are deploying AI agents that access vast datasets at high speed without understanding permissions identity context or abnormal behavior creating urgent demand for data-first AI security.

Also, Active Exploits Hit SolarWinds, Ivanti as APT28 Targets EU, Ukraine
This week, Italy blocked Russian cyberattacks targeting the Olympics. Flaws in SolarWinds, Ivanti and Microsoft Office. Russia's APT28 ramped up attacks in Ukraine, supply chain attacks, regulators probed major breaches and a U.S. judge sentenced the operator of a darkweb drug marketplace.

Global Cyber Alliance: as AI Fuels Cybercrime, Outcomes Keep Getting Worse
Security teams report stronger controls and broader collaboration each year. Yet cybercrime outcomes continue to worsen. Brian Cute of the Global Cyber Alliance says artificial intelligence-based attacks are tipping the scales against cyber defenders.