Disney+ Plagued by Credential Stuffing

by Sarah Harvey / December 15, 2022

Streaming services like Netflix, Hulu, HBO Now, and Prime Video have revolutionized the way people consume television and movies – and Disney is the latest company to join the craze with its newly-released and much-anticipated Disney+ streaming service. With more than 10 million users creating accounts within the first day the service was rolled out, Disney had to be aware of the extreme cyber threats facing the streaming service. After…

CCPA Roadmap for Compliance

by Sarah Harvey / October 4, 2023

The California Consumer Privacy Act will go into effect on January 1, 2020, which gives organizations who have yet to start their compliance efforts less than three months to prepare for the enforcement of the new data privacy law. While ensuring compliance with a new legal requirement is never easy and is often stressful, we’ve come up with seven steps to follow that can act as a roadmap for CCPA…

Amendments to TITEPA: Breach Notification and Privacy in Texas

by Sarah Harvey / December 15, 2022

Organizations are experiencing increasing commercial pressure from their business customers and individual consumers to provide timely, clear, and adequate breach notification. Now, organizations are facing increasing regulatory pressure to provide timely, clear, and adequate breach notification. One of the most recent regulatory changes apply to the Texas Identity Theft Enforcement and Protection Act (TITEPA). These changes create additional regulatory requirements and force businesses to disclose certain security breaches directly to…

How Much Is Your Data Worth to Hackers?

by Sarah Harvey / June 14, 2023

How much do you think a buyer on the dark web would pay for stolen data? How much would you estimate a hacker can profit off of personal data? The truth is, the price of stolen data is worth the risk for hackers but always costly for organizations that store, process, transmit, or destroy personal data. How Do Hackers Make Money? When a system is breached and personal data is…

10 Most Common SOC 2 Gaps

by Sarah Harvey / June 13, 2023

In 2019, State Farm notified policyholders of a cybersecurity attack in the form of credential stuffing, a tactic often used by hackers that relies on a lack of password maintenance. State Farm took proper measures to reset passwords and notify affected parties of the attack, but what if State Farm employees were properly implementing multi-factor authentication practices from the start? Would this attack have even happened? How could State Farm…