There were a massive 99 data breaches and cyber attacks in August, making it the third-biggest monthly total of the year by number of security incidents. But, by contrast, only 36,673,575 records were confirmed to have been leaked, which is the fewest we’ve recorded since May 2018. The true figure, as always, will be higher than this – in part because organisations rarely disclose how many records were involved in security incidents. But we’ll take a positive however we can take it, particularly given how leaky organisations have been throughout lockdown.

As always, you can find the full list of incidents below, with those affecting UK organisations listed in bold. In case you missed it, you may also be interested in our first quarterly review of data breaches and cyber attacks. The report takes the information collected in these lists and summarises our findings. It includes year-on-year comparisons in the number of incidents that were detected, a review of the most frequently breached sectors and a running total of incidents for the year.

"This is not a good day for South Carolina." That was Governor Nikki Haley's public reaction to news that a foreign hacker had infiltrated South Carolina's Department of Revenue and made off with 3.6 million social security numbers and 387,000 credit/debit card numbers. Of the compromised cards, state officials believe only 16,000 were unencrypted, though the staggering social security breach affects more than half of South Carolina's 4.6 million population. Governor Nikki Haley held a presser earlier this afternoon confirming the attack — first uncovered by WLTX Columbia.

We've already seen supposed "elite hackers" attacking the World Health Organization, cyber criminals hitting a COVID-19 vaccine testing facility with ransomware and healthcare workers being targeted with Windows malware using coronavirus information as the lure.

Now, it has been reported, hackers have forced the Italian social security website to shut down for a period, as the most vulnerable in society started their claims for a €600 ($655) crisis payout.

INPS has been distributing emergency funds to those hardest hit by the coronavirus pandemic

The website of INPS, the Italian department of social security and welfare, appears to be operational again after an apparent cyber-attack forced it offline yesterday (April 1).

A ransomware attack forced Ireland’s healthcare service to shut down its servers. Here’s what we know so far.

The Government Accountability Office has found that most organizations voluntarily agreed to adopt the National Institute of Standards and Technology's cybersecurity framework but their overseeing agencies are yet to develop ways to ensure NIST compliance.

This publication describes a voluntary risk management framework ("the Framework") that consists of standards, guidelines, and best practices to manage cybersecurity-related risk. The Framework's prioritized, flexible, and cost-effective approach helps to promote the protection and resilience of critical infrastructure and other sectors important to the economy and national security.

Hospitals in Britain, several companies in Spain and 11 other countries have confirmed attacks to their systems. Patient information does not appear to have been stolen or compromised, according to the National Health Service of Britain.

By Russell Goldman May 12, 2017

Right Now: Security experts warned that the full impact of the audacious cyberattack that crippled 200,000 computers in more than 150 countries might be truly felt in the new workweek as workers return to their offices and turn back on their computers.