Simple prompt injections can trick LLM agents into exposing sensitive personal data. Even with safeguards, attackers extract details like balances, transactions, or identifiers. Such attacks succeed in ~20% of cases and degrade agent performance by 15–50%. Defensive measures exist but remain incomplete, leaving users exposed. Bottom line: data sovereignty requires stronger guardrails. Trusting LLMs “as […]
Clorox is suing IT provider Cognizant after a 2023 ransomware attack cost the company $380 million. The lawsuit claims Cognizant’s helpdesk handed over employee passwords to attackers posing as staff. No hacking skills were needed, just a phone call and a convincing story, Clorox alleges. Cognizant denies responsibility, stating it only offered limited helpdesk support. […]
Otelier, a platform used by hotel chains worldwide for managing reservations, transactions, and billing, has fallen victim to a data breach that exposed the personal information of hundreds of thousands of guests. The affected individuals include patrons of major hotel chains like Marriott, Hilton, and Hyatt, according to Troy Hunt of the data breach search […]
Victims of Finland’s largest psychotherapy data breach are seeking higher compensation. In 2020, a hacker stole sensitive information from 40,000 clients of Vastaamo, including patient records, and used it for extortion. While the Finnish government has offered compensation ranging from €500 to €1500, lawyers argue that this is insufficient, given the severe privacy violations the […]
The UK’s Electoral Commission leaked personal details of 40 million voters due to unpatched vulnerabilities in their Microsoft Exchange Server, spanning registrations from 2014 to 2022. Hackers accessed the server through known ProxyShell vulnerabilities in August and October 2021, installing malware and sending spam before the issues were detected and partially mitigated. The ICO investigation […]
Tesla, owned by Elon Musk, confirms that a data breach impacting over 75,000 employees was the result of insider misconduct. The electric car maker states that the breach was initiated by two former employees who leaked personal information of more than 75,000 individuals to a foreign media outlet.The breach encompassed personally identifiable details such as […]
A compiation of many breaches with 3.2 billion email-and-password pairs was posted online with existing data that had been stolen as part of previous breaches and leaks from companies like Netflix and LinkedIn. Read more about this topic: https://bgr.com/2021/02/05/data-breach-email-and-passwords-leaked-compilation-of-many-breaches/
The chance that identity fraud can be committed with the personal data, such as address details, telephone numbers and citizen service numbers (bsn), which have been stolen in the Netherlands from the corona systems of the Municipal Health Service (GGD), is small according to the National Service for Identity Data (RvIG). How do you estimate […]
Düsseldorf University Hospital has become infected with ransomware through a known vulnerability in Citrix. The disrupted systems caused that the hospital could no longer receive ambulances, among other things. The Ministry of Justice of the German state of North Rhine-Westphalia released a message yesterday that a patient had died as a result of the ransomware […]
According to researchers at the American Ponemon Institute, cyber attacks are the leading cause of data leaks, followed by technical defects, configuration errors in the cloud and human error. The “Cost of a Data Breach Report 2020” study conducted by IBM among 3,200 people from 524 organizations shows that the average cost per leaked or […]