#ITsystems
Nearly 50% of IoT Device Connections Pose Security Threats, Study Finds #CyberSecurity #IoTdevices #ITSystems
Nearly 50% of IoT Device Connections Pose Security Threats, Study Finds
A new security analysis has revealed that nearly half of all network communications between Internet of Things (IoT) devices and traditional IT systems come from devices that pose serious cybersecurity risks. The report, published by cybersecurity company Palo Alto Networks, analyzed data from over 27 million connected devices across various organizations.

The findings show that 48.2 percent of these IoT-to-IT connections came from devices classified as high risk, while an additional 4 percent were labeled critical risk. These figures underline a growing concern that many organizations are struggling to secure the rapidly expanding number of IoT devices on their networks. Experts noted that a large portion of these devices operate with outdated software, weak default settings, or insecure communication protocols, making them easy targets for cybercriminals.

Why It’s a Growing Threat

IoT devices, ranging from smart security cameras and sensors to industrial control systems, are often connected to the same network as computers and servers used for daily business operations. This creates a problem: once a vulnerable IoT device is compromised, attackers can move deeper into the network, access sensitive data, and disrupt normal operations.

The study emphasized that the main cause behind such widespread exposure is poor network segmentation. Many organizations still run flat networks, where IoT devices and IT systems share the same environment without proper separation. This allows a hacker who infiltrates one device to move easily between systems and cause greater harm.

How Organizations Can Reduce Risk

Security professionals recommend several key actions for both small businesses and large enterprises to strengthen their defenses:

1. Separate Networks: Keep IoT devices isolated from core IT infrastructure through proper network segmentation. This prevents threats in one area from spreading to another.
2. Adopt Zero Trust Principles: Follow a security model that does not automatically trust any device or user. Each access request should be verified, and only the minimum level of access should be allowed.
3. Improve Device Visibility: Maintain an accurate inventory of all devices connected to the network, including personal or unmanaged ones. This helps identify and secure weak points before they can be exploited.
4. Keep Systems Updated: Regularly patch and update device firmware and software. Unpatched systems often contain known vulnerabilities that attackers can easily exploit.
5. Use Strong Endpoint Protection: Deploy Endpoint Detection and Response (EDR) or Extended Detection and Response (XDR) tools across managed IT systems, and use monitoring solutions for IoT devices that cannot run these tools directly.

As organizations rely more on connected devices to improve efficiency, the attack surface grows wider. Without proper segmentation, monitoring, and consistent updates, one weak device can become an entry point for cyberattacks that threaten entire operations.

The report reinforces an important lesson: proactive network management is the foundation of cybersecurity. Ensuring visibility, limiting trust, and continuously updating systems can significantly reduce exposure to emerging IoT-based threats.
dlvr.it
November 10, 2025 at 4:18 AM
New York Blood Center Data Breach Exposes Nearly 200,000 Records #DataBreach #HealthcareData #ITSystems
New York Blood Center Data Breach Exposes Nearly 200,000 Records
The New York Blood Center Enterprises (NYBCe) has reported a major cybersecurity incident that compromised the personal information of nearly 194,000 people. The breach occurred between January 20 and January 26, 2025, when an unauthorized party gained access to the organization’s network and extracted copies of certain files.

What information was taken

The investigation confirmed that sensitive details were involved in the leak. These included names, Social Security numbers, driver’s license and other state-issued identification numbers, as well as bank account information for individuals who received payments by direct deposit. In some cases, health data and medical test results were also exposed.

NYBCe has not disclosed how the attackers infiltrated its systems, whether ransomware was used, or if any ransom demand was made. No known criminal group has claimed responsibility for the breach so far.

Why affected individuals may not receive notices

Unlike many healthcare providers, NYBCe does not maintain contact information for all of its patients and service users. As a result, it cannot directly notify every individual whose records were accessed. Instead, the organization has urged anyone who has received services to call a dedicated helpline at 877-250-2848 to confirm whether their data was compromised.

To support those impacted, NYBCe is offering complimentary access to Experian’s identity protection and credit monitoring services for one year. Additional details are available through a filing with the Vermont Attorney General’s office.

Scale of the incident

Cybersecurity researchers note that this is among the largest healthcare-related breaches of 2025. Data compiled by Comparitech shows that the incident ranks as the fourth-largest ransomware-related exposure this year in terms of records affected, with healthcare organizations remaining frequent targets. By mid-2025, more than 60 attacks on hospitals, clinics, and direct care providers had been recorded, exposing over 5 million patient records.

Steps individuals should take

Experts emphasize that people potentially affected by this breach should take immediate precautions:

1. Contact NYBCe: Call the helpline to verify if your records were involved.
2. Use identity protection tools: Enroll in the free Experian services being offered, and consider placing a credit freeze or fraud alert with the credit bureaus.
3. Stay alert for scams: Watch for phishing emails or phone calls pretending to be official messages. Avoid clicking links, opening attachments, or sharing personal information unless you can confirm the source.
4. Monitor financial accounts: Check bank statements and health insurance records regularly for unusual charges or activity.
5. Adopt cybersecurity practices like second nature: Use strong passwords, enable two-factor authentication, and keep antivirus software updated.

The breach at NYBCe is a testament to the growing threat facing healthcare organizations, which often hold large amounts of sensitive data but face challenges in securing complex IT systems. Security experts warn that similar incidents are likely to continue, making it critical for organizations to improve defenses and for individuals to remain vigilant about protecting their personal information.
dlvr.it
September 25, 2025 at 3:52 PM
DHS Data Sharing Error Left Sensitive Intelligence Open to Thousands #DepartmentofHomelandSecurity #ITSystems #Privacy
DHS Data Sharing Error Left Sensitive Intelligence Open to Thousands
A technology mishap inside the U.S. Department of Homeland Security (DHS) briefly left sensitive intelligence records open to people who were never supposed to see them. The issue, which lasted for several weeks in 2023, involved the Homeland Security Information Network (HSIN), a platform where intelligence analysts share unclassified but sensitive reports with select government partners.

The restricted section of HSIN, known as HSIN-Intel, is designed for law enforcement agencies and national security officials who require access to intelligence leads and analyses. However, due to a misconfiguration, access controls were set incorrectly, making the files visible to the entire network rather than just the authorized users. As a result, thousands of individuals, including government employees in unrelated departments, private contractors, and even some foreign officials, were able to view materials meant for a much smaller audience.

An internal review later revealed that 439 intelligence products were exposed during this period, with unauthorized users opening them more than 1,500 times. While many of the users were from within the United States, the inquiry confirmed that several foreign accounts also accessed the data.

Nearly 40 percent of the leaked material related to cybersecurity, including reports on state-sponsored hacking groups and foreign attempts to infiltrate government IT systems. Other exposed content included law enforcement tips, assessments of disinformation campaigns, and files mentioning protest activity within the United States.

DHS acted quickly to fix the technical error once it was discovered. The department later stated that oversight bodies determined no serious harm resulted from the incident. Yet not all officials agreed with this conclusion. The internal memo describing the incident argued that personally identifiable information, such as details connected to U.S. citizens, had been exposed and that the impact might have been greater than DHS initially suggested. The document recommended additional training for staff to ensure stronger protection of personal data.

Privacy experts point out that the incident raises wider concerns about domestic surveillance practices. When government agencies collect and store intelligence on Americans, even unclassified data, errors in handling it can create risks for both national security and individual privacy. Critics argue that such leaks highlight the need for stronger oversight and accountability, especially as legislative efforts to reform DHS’s intelligence powers continue in Congress.

Although DHS maintains that the exposure was contained and promptly resolved, the episode underlines how technical flaws in sensitive systems can have unintended consequences. When security tools are misconfigured, information meant for a limited circle of analysts can spread far beyond its intended audience. For citizens and policymakers alike, the event is a reminder of the delicate balance between gathering intelligence to protect the country and ensuring that privacy and civil liberties are not compromised in the process.
dlvr.it
September 24, 2025 at 3:10 PM
Cybersecurity Breach Leads to Major Disruption at Jaguar Land Rover #CyberAttacks #highlightingAutomotiveCybersecurityrisks #ITSystems
Cybersecurity Breach Leads to Major Disruption at Jaguar Land Rover
A major cybersecurity incident has caused major disruption to the operations of Jaguar Land Rover, highlighting the growing vulnerability of automakers across the world to cyberattacks and underlining the increasing need to maintain communication channels between automakers and their customers.

In a statement released on September 2, the British luxury car manufacturer said that the attack had severely disrupted its core computer systems. This led to the suspension of production across the company's UK assembly plants and ripple effects throughout the entire organisation, including global operations, supply chain coordination, and manufacturing engineering.

As a proactive measure to counter the threat, JLR disabled several key systems, resulting in widespread problems in how suppliers and logistics partners could communicate in real time with one another. Although the company has not yet provided any details concerning the ransomware or any other form of malicious code responsible for the breach, it has stated that its internal security experts are working closely with external cyber experts to investigate it, with critical systems currently being restored in a "controlled fashion" under the guidance of those external experts.

The disruption has already had a major impact on Jaguar Land Rover’s workforce and production schedule. The Halewood plant, located near Liverpool, was instructed via email to close early on Monday morning. Local news reports indicate that the shutdown will continue until midweek.

The incident has affected not only the company’s manufacturing operations but also its retail outlets, disrupting the flow of vehicles to customers. A JLR official statement confirmed that the company was dealing with a “cyber incident” and that critical systems had been shut down promptly to contain the situation.

However, the automaker stressed that, although investigations into the issue are ongoing, there is no indication at the moment that any customer data has been compromised. Although the company acknowledged that both retail and production activities have been severely disrupted, it explained that global applications are gradually being restored in a controlled manner.

Last year, JLR generated revenues of more than £28.99 billion ($38.75 billion), employing over 39,000 people across the globe. However, recent financial struggles have resulted in a 49 per cent drop in pre-tax profits for the company in the second quarter, owing in part to the fact that U.S. exports are slowed by tariffs.

With this attack, JLR has joined Marks & Spencer, the Co-op, and Harrods on the growing list of high-profile British brands targeted by cyber attacks this year. The cyberattack is reported to have begun on Sunday, coinciding with the beginning of September, a period of heightened importance for the automotive industry in the UK because of the introduction of new registration plate identifiers.

A biannual change in vehicle prices usually occurs in March and September, and it is widely acknowledged as one of the most important promotional windows for manufacturers, as it drives a significant surge in vehicle sales. The disruption has therefore come at a particularly sensitive time for Jaguar Land Rover, since a large portion of the company's annual sales is attributed to these particular months, which are more critical than usual.

As reported by the BBC, the automaker discovered the attack while it was still unfolding, which prompted it to shut down potentially affected IT systems to limit the consequences. In its statement issued on 2 September, Jaguar Land Rover confirmed that work is underway to return global applications to service in a controlled manner.

Even though retail and production operations remain severely affected, no evidence has been found that customer data has been compromised. According to industry experts, the incident underscores a growing vulnerability in highly digitalised manufacturing environments. As a result of the integration of IT with operational technology, a single breach can freeze entire plants and ripple through the entire supply chain in a matter of seconds.

Any downtime affects suppliers, retailers, and their partners through loss of production, delayed sales, and disruptions. Dray Agha, Senior Manager of Security Operations at Huntress, commented that this example illustrates how a single IT system attack could shut down a multi-billion-dollar production line, causing direct sales to be negatively impacted, especially during a key period like a new registration period.

SecurityScorecard’s Chief Threat Intelligence Officer, Ryan Sherstobitoff, reported that in addition to forcing the shutdown of JLR’s Solihull factory, the cyberattack also prevented dealers in the UK from registering new cars and supplying parts. The company did not provide details on what caused the breach or when it expected to recover.

The disruption marks the second cyber incident to have struck Jaguar Land Rover this year, after a cyber incident in March in which it was claimed that hackers had stolen source code and tracking data. This recurrence raised concerns about the possibility of attackers exploiting vulnerabilities that were exposed in the earlier breach, said Nick Tausek, Lead Security Automation Architect at Swimlane.

According to other cybersecurity specialists, this episode also highlights the urgency of strengthening cyber hygiene and robust authentication and authorisation practices, as well as tightening data flow protections. "Cyber resilience is fundamental to overall business resilience," said Jon Abbott, CEO of ThreatAware. He said that disruptions can be hugely destructive to a business.

Many manufacturers are so heavily dependent on the uptime of their operations that they would never want to become the subject of future headlines regarding cyber incidents. The recent developments at Jaguar Land Rover serve as a timely reminder that cybersecurity is no longer just a peripheral concern, but rather a vital component of operational continuity.

Resilience in digital infrastructure is becoming increasingly important as cars become increasingly connected and production systems become more deeply intertwined with global supply chains, with a direct impact on market stability and customer confidence.

Manufacturers can do their part not just by implementing reactive containment measures, but also by investing in proactive measures: enhancing endpoint protection, implementing layered defences, and conducting rigorous penetration tests to identify hidden vulnerabilities in their systems. In addition to technology, it is equally important to cultivate a culture of cyber awareness throughout the organisation, so that every employee understands their role in safeguarding critical systems, regardless of the technology they use.

It is widely believed that companies which embed cyber resilience into the very core of their business DNA will gain a competitive advantage over their peers in the long run. Investors and consumers alike will gravitate towards brands which can demonstrate resilience when dealing with ever-evolving digital threats. Ultimately, the incident represents more than a disruption, as it also highlights the need for cybersecurity to be deemed just as important as innovation, safety, and sustainability in the automotive industry as a whole.
dlvr.it
September 3, 2025 at 4:40 PM
www.investing.com
August 26, 2025 at 9:38 PM
A catastrophic IT failure at Guam Memorial Hospital has put $42 million in billing at risk, exposing critical infrastructure vulnerabilities that could jeopardize patient care.

Click to read more!

#US #CitizenPortal #ITSystems #FinancialStability #HealthcareInfrastructure #GuamHospital
Hospital IT System Crash Delays $42M in Billing Over Five Days
IT failure causes significant billing delays, increasing labor costs and highlighting infrastructure vulnerabilities.
citizenportal.ai
August 17, 2025 at 1:50 PM
Dept of Administration State Bureau of Procurement is hiring a Sr #ISTechnicalServices position to consult on Bureau #ITsystems business needs & act as a liaison with Div of Enterprise Technology. $29.27-$45.41/hr +bnfits. Apply by 7/30. #WIjobs #govjobs #ITjobs ow.ly/fxLO50WvoB3
July 25, 2025 at 8:00 PM
ITsystems and services provided by Peter Thiel - an outspoken opponent of publicly funded healthcare, women's suffrage AND democracy itself.
Do we really want him to get his grubby mitts on our most sensitive health data??

What is wrong with these people?
June 15, 2025 at 9:24 PM
The Board of Directors of Kuehne+Nagel International has appointed Marcus Claesson to its Management Board as of September 1, 2025.

#KuehneNagel #ITsystems #informationtechnology #aircargo #aircraft #SupplyChain
Kuehne+Nagel appoints Marcus Claesson as Chief Information Officer
Claesson will assume responsibility for the group’s global information technology and succeed Martin Kolbe.
www.stattimes.com
June 6, 2025 at 8:51 AM
📌 TÜRKAK ASİST Portal Draws Great Interest at the EA Information Technologies Workshop

🔻

www.turkak.org.tr/haberler/tur...

#EAaccreditation #ASİST #DijitalDönüşüm #Akreditasyon #Accreditation #BilgiTeknolojileri #ITSystems
April 18, 2025 at 2:02 PM
Amy Davis, consultant radiologist and CCO of Hexarad, talks about how outdated IT systems and overwhelmed teams actively hinder even the best AI tools or tech initiatives.

healthcaretoday.com/article/amy-...

#healthcare #nhs #publichealth #radiology #itsystems #ai #technology #innovation
Amy Davis: Imaging improves clinical outcomes
The consultant radiologist and chief commercial officer of Hexarad talks about how outdated IT systems and overwhelmed teams actively hinder even the best AI tools or tech initiatives.
healthcaretoday.com
April 17, 2025 at 8:23 AM
🚀 Remote monitoring can streamline your business operations, improve security, and save costs!

Check out our beginner's guide to remote monitoring for business systems here: buff.ly/3XZ6WAw 📖
#RemoteMonitoring #BusinessEfficiency #DataSolutions #ITSystems
April 8, 2025 at 11:40 AM
California is taking a giant leap forward in data security with the launch of the Cal Waters IT system, promising enhanced protections for reporters and a streamlined reporting process!

Click to read more!

#CA #DataSecurity #ITSystems #ElectronicReporting #CitizenPortal
Cal Waters introduces new IT system with enhanced cybersecurity measures for reporters
Cal Waters plans enrollment-focused year for new IT system while improving data handling.
citizenportal.ai
February 18, 2025 at 11:47 PM
🚀 Remote monitoring can streamline your business operations, improve security, and save costs!
Check out our beginner's guide to remote monitoring for business systems here: https://buff.ly/3XZ6WAw 📖
#RemoteMonitoring #BusinessEfficiency #DataSolutions #ITSystems
A Beginners Guide to Remote Monitoring for Business Systems
Remote monitoring systems enable businesses to track, manage, and optimize their operations from a distance. This guide outlines key concepts, benefits & types
buff.ly
February 5, 2025 at 12:00 PM
Here is a new tool created by the European Union Agency for Fundamental Rights!

What are the #FundamentalRights safeguards and implications of using the EU’s #ITsystems for #migration and #policing?

Try it out: europa.eu/!bwy9pt
Fundamental rights and the EU’s IT systems for migration and policing
The information platform covers existing EU IT systems for migration and policing, including the Visa Information System (VIS), Schengen Information System (SIS), and the Eurodac system for managing fingerprints of asylum seekers and migrants apprehended at the EU’s external borders.
europa.eu
December 13, 2024 at 9:51 AM