MOVEit cyberattacks: keeping tabs on the biggest data theft of 2023 – The Verge The Verge is about technology and how it makes us feel. Founded in 2011, we offer our audience everything from breaking news to reviews to award-winning features and investigations, on our site, in video, and in podcasts. 2024-11-11T20:22:05+00:00 https://www.theverge.com/rss/stream/23656286 https://platform.theverge.com/wp-content/uploads/sites/2/2025/01/verge-rss-large_80b47e.png?w=150&h=150&crop=1 Emma Roth <![CDATA[Amazon confirms employee data breach, but says it’s limited to contact info]]> https://www.theverge.com/2024/11/11/24293817/amazon-employee-emails-phone-numbers-moveit-data-breach 2024-11-11T15:22:05-05:00 2024-11-11T15:22:05-05:00

Amazon says a data breach exposed the email addresses, phone numbers, and building locations linked to its employees, as reported earlier by 404 Media. In a statement to The Verge, Amazon spokesperson Adam Montgomery said the company was "notified about a security event at one of our property management vendors that impacted several of its customers, including Amazon."

The confirmation follows a report from the cybercrime firm Hudson Rock saying that information posted on the hacking forum includes data from Amazon and 25 other entities, including MetLife, HP, HSBC, and Canada Post.

Hudson Rock says the leaked info dates back to May 2023, …

Read the full story at The Verge.

]]> Umar Shakir <![CDATA[Sony confirms server security breaches that exposed employee data]]> https://www.theverge.com/2023/10/5/23905370/sony-interactive-entertainment-security-breach-confirmation 2023-10-05T18:44:57-04:00 2023-10-05T18:44:57-04:00

Sony is sending out notices to some current and former Sony Interactive Entertainment (SIE) employees warning that their personal information was compromised in a system breach that occurred in May. The letters went out to about 6,800 affected individuals, as reported by Bleeping Computer. The publication also received confirmation from Sony that another breach occurred in September.

A ransomware group known as Cl0p claimed responsibility for breaking into a Sony server in June. The breach occurred via a vulnerability in the file-sending MOVEit Transfer platform that SIE was using. Sony is one of many organizations that have been affected b …

Read the full story at The Verge.

]]> Emma Roth <![CDATA[New SEC rules put a time limit on reporting hacks and data breaches]]> https://www.theverge.com/2023/7/26/23808943/sec-cybersecurity-public-companies-hacks-data-breaches 2023-07-26T17:46:46-04:00 2023-07-26T17:46:46-04:00

Public companies will now have to disclose cybersecurity incidents sooner, thanks to a rule adopted by the Securities and Exchange Commission. Under the new policy, the SEC will require public companies to report data breaches and hacks four business days after they are discovered.

Companies will have to disclose any cybersecurity incidents on a Form 8-K filing. These publicly available documents typically inform shareholders about major changes to the company - and now they'll include a new Item 1.05 for cybersecurity incidents. The disclosure should include information on "nature, scope, and timing," as well as "its material impact or rea …

Read the full story at The Verge.

]]>