Drupal malware could have affected up to 12 million websites


Attackers who exploited a bug in version 7 of the Drupal open-source content management platform may have compromised up to 12 million websites. Drupal  has issued a security warning and said that organisations that did not apply the patch within seven hours of the bug’s discovery on 15 October should presume their websites have been […]

Verizon’s data breach report identifies nine patterns that classify attacks


Verizon has recently released its comprehensive 2014 Data Breach Investigations Report, and its findings do not surprise me. But why should they? After all, it seems there isn’t a day that goes by without news of an attempted cyber attack or, worse, a successful data breach. Verizon’s report stresses that the variety and volume of […]

Kim and his 2 billion won: Massive data breach affects half of South Korean citizens

Edge of Keyboard

According to sources, 16 people have been arrested after 220 million records were stolen, including real names, account names, passwords and resident registration numbers. It is said that one of those arrested, ‘Kim’, obtained all 220 million records from a Chinese hacker he met through an online game three years ago. With this stolen data, […]

South African businesses: POPI is coming to get you!


In South Africa, the Protection of Personal Information Act (POPI) was signed into law in November 2013 and companies will soon need to be fully compliant or face the significant consequences of ineffective data security management. If the enforcements imposed by the UK Data Protection Act are anything to go by, then South African businesses […]

Hackers hit hedge fund

BAE Systems Applied Intelligence has revealed details of a 2013 cyber attack on a large US hedge fund that caused the loss of millions of dollars. Hackers used malware to insert delays of hundreds of milliseconds into the firm’s trading algorithms, disrupting high-speed trading at the unnamed hedge fund for at least two months, and […]

GDPR reforms: mandatory global compliance with new EU data protection regulations

Privacy laws in Europe are tightening. Non-European companies that operate in the EU are currently governed only by the data protection laws of the country in which they are based, but European ministers have now agreed on reforms to the proposed Europe-wide General Data Protection Regulation (GDPR) that will make the law applicable to non-European companies that do business in the EU as well as to European companies

Data breach implications, as seen first-hand by Target

Since suffering one of the biggest data breaches in retail history, Target has been struggling to recover its image. Sales in its US stores have decreased by 0.3%, driven by a falling number of transactions. As a result, Target is now cutting its prices in order to drive footfall to stores, even though it will affect profit margins further.