Sephora data breach: 3.7m customer records up for sale on Dark Web, says cybersecurity firm (Channel News Asia)

Channel News Asia: Sephora data breach: 3.7m customer records up for sale on Dark Web, says cybersecurity firm. “About 3.7 million customer records ‘likely to be related’ to the Sephora data breach are on sale on the Dark Web, according to one cybersecurity vendor. Singapore-headquartered company Group-IB said in a news release on Thursday (Aug 1) its threat intelligence team found two databases with customer data on underground forums, with the leak dating back to as early as February this year.”

Mashable: Data breach leaks personal information of tens of thousands of college students

Mashable: Data breach leaks personal information of tens of thousands of college students. “Another day, another big data breach. This time, the breach hit education software company Pearson, exposing data on at least 100,000 students across more than 13,000 schools and universities.”

Washington Post: Capital One says data breach affected 100 million credit card applications

Washington Post: Capital One says data breach affected 100 million credit card applications. “Capital One, the Virginia-based bank with a popular credit card business, announced Monday that a hacker had accessed about 100 million credit card applications, and investigators say thousands of Social Security and bank account numbers were also taken.”

CSO: The biggest data breach fines, penalties and settlements so far

CSO: The biggest data breach fines, penalties and settlements so far. “Sizable fines assessed for data breaches in 2019 suggest that regulators are getting more serious about organizations that don’t properly protect consumer data. In the UK British Airways was hit with a record $230 million penalty, followed shortly by a $124 million fine for Marriott, while in the US Equifax agreed to pay a minimum of $575 million for its 2017 breach.”

ZDNet: Hackers breach FSB contractor, expose Tor deanonymization project and more

ZDNet: Hackers breach FSB contractor, expose Tor deanonymization project and more. “Hackers have breached SyTech, a contractor for FSB, Russia’s national intelligence service, from where they stole information about internal projects the company was working on behalf of the agency — including one for deanonymizing Tor traffic.”

The Verge: Former Equifax executive sentenced to prison for insider trading prior to data breach

The Verge: Former Equifax executive sentenced to prison for insider trading prior to data breach. “The Security and Exchanges Commission charged [Jun] Ying with insider trading last year. The Department of Justice says that in August 2017, after learning about the breach, he began researching the impact that a similar breach had on another company’s stock price. Later that morning, he promptly exercised and sold all of his stock options, earning nearly a million dollars from the sale. In doing so, he avoided a loss of $117,000 that he otherwise would have incurred when the company’s stock price dropped after the disclosure.”