DataBreachToday.com

Banks Shift Blame to Social Media, Telecoms While Scam Victims Pay the Price
If you're the victim of a scam in Australia, the chances of being reimbursed for your stolen funds are low. In fact, the AFCA ruled in favor of full reimbursement for victims in only 4.8% of its cases in 2024, highlighting the difficulty consumers face in disputing fraud-related losses with banks.

Banks Shift Blame to Social Media, Telecoms While Scam Victims Pay the Price
If you're the victim of a scam in Australia, the chances of being reimbursed for your stolen funds are low. In fact, the Australian Financial Complaints Authority ruled in favor of full reimbursement for victims in only 4.8% of its cases last year, highlighting the difficulty consumers face when disputing fraud-related losses with their banks.

'There's a Lot of Confusion Going On'
A halt on new contract awards by the federal government's top procurement agency has thrown vendors into confusion, raising concerns about its ripple effects. White House announcements are "definitely causing confusion" among cybersecurity contractors and officials, an industry analyst said.

Ransomware Attack on the Center Is the Latest Assault on Blood Supply Chain
A New York blood center and its divisions that serves hospitals in several states are dealing with ransomware attack disrupting donations and other activities. The attack - the latest assault on a blood supplier - comes just days after the center declared a blood shortage emergency.

Feds Warn Flaws Could Lead to 'Simultaneous Exploitation' of All Devices
U.S. federal authorities are warning that cybersecurity vulnerabilities in two brands of patient monitors used in healthcare settings and in patients' homes can allow remote attackers to take control of the devices when connected to the internet, posing safety and data privacy concerns.

Google Says Iranian and Chinese Threat Group the Most Active
Iranian and Chinese threat actors are using Google's artificial intelligence application Gemini for vulnerability scanning and reconnaissance activities, with some attempting to bypass security guardrails of the application, the computing giant disclosed.

Tips on Relationships and Empathy That CISOs Should Know Before the Next Crisis
Emotional Intelligence is the ability to recognize, understand, manage and influence both your own emotions and those of others. It encompasses five key areas: self-awareness, self-regulation, motivation, empathy and social skills that enable leaders to build trust and manage teams effectively.

CEO Satya Nadella Highlights DeepSeek-R1 Model, AI Cost Reductions, Future Growth
Microsoft CEO Satya Nadella said AI scaling laws, compounded by Moore’s Law, are accelerating efficiency gains, with a 10x improvement per model generation. He revealed Microsoft’s strategy for optimizing AI costs and highlights DeepSeek-R1’s availability on Azure AI Foundry and GitHub.

Tips on Relationships and Empathy That CISOs Should Know Before the Next Crisis
Emotional Intelligence is the ability to recognize, understand, manage and influence both your own emotions and those of others. It encompasses five key areas: self-awareness, self-regulation, motivation, empathy and social skills that enable leaders to build trust and manage teams effectively.

OpenAI and Microsoft Reportedly Investigate DeepSeek API Access
The low-cost miracle of the DeepSeek-R1 model may not in fact be one as accusations surfaced that the Chinese company may have derived its reasoning model from U.S. firm OpenAI. OpenAI and Microsoft are investigating whether DeepSeek stole information from OpenAI through an API.

7 Proposed Class Actions Filed Against Allegheny Health Network and IntraSystems
A Pittsburgh-based healthcare system and its Massachusetts-based IT services firm are facing at least seven proposed federal class action lawsuits involving a data theft - reported on Jan. 17 - affecting about 293,000 people. The hack is the latest major breach involving a business associate.

Deal Brings Third-Party Data Ingestion, Risk Prioritization, Automated Workflows
Tenable has acquired Vulcan Cyber to bolster its exposure management strategy, integrating third-party asset data, AI-powered risk prioritization, and automated remediation workflows into Tenable One. The $150 million purchase aims to provide enterprises with a unified risk management platform.

Data Storage in China Sparks Privacy Concerns
Italian data regulator Garante launched an inquiry into data storage and processing practices of Chinese generative AI model DeepSeek following the Friday public debut of its R1 reasoning model. The DeepSeek app is no longer available in the Apple and Google app stores in Italy.

British Museum IT Disruption Highlights Missteps in Identity and Access Management
The British Museum faced unexpected disruption when a former contractor trespassed into the museum and disabled its IT systems. This disruption highlights the risks posed by disgruntled employees and raises concerns about access rights after employment ends.

DeepSeek-R1 Model Rivals OpenAI at Fraction of Cost, Challenges US AI Leadership
The Chinese DeepSeek-R1 model rivals top U.S. AI models in performance while dramatically lowering training costs. Built on lower-end Nvidia GPUs, R1's efficiency reshapes the AI landscape, bolstering AMD's prospects and reshaping AI infrastructure discussions in Silicon Valley and beyond.

Experts Explain Complexity of Company's Massive Data Breach Analysis Endeavor
UnitedHealth Group says its previously eye-popping estimate of 100 million people affected by last year's attack on its Change Healthcare unit nearly doubled in recent months to a staggering 190 million victims. Why did it take so long for the company to figure out the extent of the compromise?