Industry News: ESG5

The Target: ​ American software giant Oracle.

The Take: The compromised data includes usernames, passkeys, and encrypted passwords, which Oracle staff revealed to some clients.

The Vector: A hacker infiltrated a computer system, resulting in the theft of old client log-in credentials, according to Bloomberg News, citing two people familiar with the matter.

This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.

Read more...

2025-04-04

The Guardian: Hackers have targeted Australian superannuation funds, with a small number of customers losing a combined half a million dollars, and compromising some members’ data, the industry’s peak body says.

Read more...

2025-04-03

Wealth Briefing Asia: Family offices are already feeling the impact of weak cybersecurity. As reported in a survey by Deloitte, the accountancy and professional services giant, found that almost half (43 per cent) of family offices around the world – a sector estimated to hold more than $3 trillion in total AuM – have suffered a cyberattack in the past two years. 

Read more...

2025-04-01

Dark Reading: Japan has passed the Active Cyber Defense Bill, which will allow its military and law enforcement to take preemptive measures to combat cyber threats.

Read more...

2025-04-01

The Record: Russian President Vladimir Putin signed a law aimed at protecting citizens from cyber fraud, as financial cybercrime reportedly reached record levels in the country.

Read more...

2025-03-31

Business Wire: ReliaQuest, a leader in AI-powered security operations, announced a new funding round of more than $500 million led by EQT, KKR and FTV Capital, with participation from other existing investors Ten Eleven Ventures and Finback Investment Partners.

Read more...

2025-03-31

Cybersecurity Dive: Enterprises are pouring more money and resources into AI initiatives, whether it’s tapping new services, getting legacy systems ready for integration or training employees on how to best use the technology. 

Read more...

2025-03-31

SecurityWeek: The investment, part of the Digital Europe Programme for 2025-2027, aims to drive digital technology advancements in the European Union. Part of the €1.3 billion funding will be allocated to cybersecurity, specifically for boosting cyber resilience in the EU.

Read more...

The Target: ​ StreamElements is a popular cloud-based streaming tools platform used primarily by content creators on Twitch and YouTube. It provides a suite for stream overlays, tips/donations, chatbots, activity feeds, merch store integration, stream analytics, loyalty/reward systems, and more.

The Take: A threat actor using the nickname "victim" claimed to have stolen the data of 210,000 StreamElements customers on March 20, 2025. The threat actor also shared samples of the stolen data, which included full names, addresses, phone numbers, and email addresses.

The Vector: The same hacker claimed that they breached a StreamElements employee via an information-stealing malware infection, which allowed them to take over an internal account and access the platform's order management system.

This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.

Read more...

2025-03-27

SecurityWeek: The company has raised $21 million in initial funding from Lightspeed Ventures and Bain Capital Ventures. Straiker’s platform aims to address the risks associated with the increasing use of AI chatbots and AI agents.

Read more...