{"id":198498,"date":"2026-03-23T13:49:00","date_gmt":"2026-03-23T17:49:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/23\/2-7m-users-exposed-esecurity-planet\/"},"modified":"2026-03-23T13:55:21","modified_gmt":"2026-03-23T17:55:21","slug":"2-7m-users-exposed-esecurity-planet","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/23\/2-7m-users-exposed-esecurity-planet\/","title":{"rendered":"2.7M Users Exposed &#8211; eSecurity Planet"},"content":{"rendered":"<p><a href=\"https:\/\/esecurityplanet.com\/newsletter\/cybersecurity-insider\/2026-03-23\/\">2.7M Users Exposed &#8211; eSecurity Planet<\/a><\/p>\n<p><a href=\"https:\/\/esecurityplanet.com\/newsletter\/cybersecurity-insider\/2026-03-23\/\">https:\/\/esecurityplanet.com\/newsletter\/cybersecurity-insider\/2026-03-23\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-23 13:49:00<\/a><\/p>\n<p>Source Domain: <a href=\"esecurityplanet.com\">esecurityplanet.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n<p>The threat surface keeps expanding\u2026 from the inside out.Today, silent access turns into mass disruption, trusted systems become attack vectors, and automation blurs the line between innovation and abuse.\u00a0<br \/>\nRead past newsletters here.Here\u2019s what you need to know:2.7 Million Impacted in Navia Data Breach<br \/>\nA benefits provider revealed attackers accessed its systems for weeks, exposing sensitive data of millions of users.\u00a0Exposed data includes SSNs, birth dates, and benefits details \u2014 valuable for identity theft and targeted attacks.The company has begun notifying those impacted and no threat actor group has claimed responsibility at the time of publication.\u00a0<br \/>\nPrioritize detection engineering, specifically alerting on abnormal access to benefits and HR systems, enforce stricter data retention policies, and use DLP solutions.FBI Seizes Handala Sites After Stryker Attack<br \/>\nFederal authorities seized infrastructure used by the Handala group after a cyberattack wiped roughly 80,000 devices at Stryker.\u00a0<br \/>\nThe group, tied to Iranian state interests, used privileged access to trigger mass device wipes via Microsoft Intune \u2014 highlighting how identity compromise can drive large-scale disruption.\u00a0<br \/>\nWhile the seizure shows growing law enforcement focus, the group plans to rebuild, and organizations using centralized device management remain at risk without strong admin controls.\u00a0<br \/>\nEnforce strict conditional access and privileged identity management (PIM) for domain and Intune admins, use privileged access management tools, and audit for unauthorized Global Admin accounts regularly.Global Takedown Disrupts Massive IoT Botnets<br \/>\nAuthorities in the U.S., Germany, and Canada dismantled infrastructure behind multiple botnets used in large-scale cyberattacks.\u00a0The takedown targeted Aisuru, Kimwolf, JackSkid, and Mossad \u2014 botnets that hijacked millions of IoT devices to launch large-scale DDoS attacks.\u00a0Operating as cybercrime-as-a-service, they exploited poorly secured devices to scale attacks, and are likely to rebuild quickly despite the disruption.\u00a0<br \/>\nContinuously inventory IoT assets and enforce egress filtering to block unauthorized outbound traffic, which reduces the risk of devices being conscripted into botnets.<br \/>\nBotnet Exposure Check: Could your devices be weaponized? <\/p>\n<p>Yesterday&#8217;s Pulse Check ResultsThird-Party Risk Check:\u00a0How exposed is your vendor ecosystem?Security Tools You Can Use<br \/>\n\u200aBots and AI Power $10M Streaming Scam<br \/>\nA musician pleaded guilty to running a years-long scheme using AI-generated songs and bots to steal over $10 million in streaming royalties.\u00a0The scheme shows how automation, cloud infrastructure, and VPNs can bypass fraud detection at scale \u2014 exploiting platforms that rely on engagement metrics.With thousands of bots and billions of fake streams, it highlights growing AI-driven fraud amid rising regulatory and law enforcement scrutiny.<br \/>\nImplement behavioral analytics that detect anomalies in content consumption patterns \u2014 such as uniform streaming behavior or distributed bot activity across cloud environments \u2014 to identify fraud beyond traditional account-based signals.Insider Theft Drives $2.5M Extortion Scheme<br \/>\nA former contractor was convicted for stealing sensitive company and employee data to carry out a multimillion-dollar extortion scheme.This incident highlights ongoing insider risk, especially when employees retain broad access near termination.\u00a0\u00a0<br \/>\nThe case is pending sentencing at the time of publication.Implement automated offboarding that revokes access immediately, and use DLP to block or flag suspicious data transfers and audit recent activity. Gartner\u00ae Research: How to Secure Enterprise Agentic AI AmbitionGartner\u00ae analysts warn that rapid agentic AI adoption is outpacing enterprise security readiness. Download the report to learn key risks, required controls, and how to secure agentic AI at scale. Access the report now for deeper insight today into emerging threats.How Exposed Are You to Insider Risk?<br \/>\nInsider threats are increasing as employees, contractors, and partners retain broad access to sensitive systems \u2014 whether through negligence or malicious intent.\u00a0With ongoing layoffs, role changes, and distributed workforces, the risk of data exfiltration is growing, making strong visibility, monitoring, and access controls more important than ever.<br \/>\nHow to reduce insider threat risk:Use DLP and user activity monitoring to detect and block unauthorized data movement and suspicious behavior in real time.Enforce least privilege with regular access reviews and privileged access management to limit unnecessary or high-risk access.<br \/>\nAutomate offboarding and apply behavioral analytics to quickly revoke access and identify anomalies that signal insider threats.Insider threats can be challenging to spot, but combining monitoring, access controls, and automation helps reduce risk.<\/p>\n<p>Ken Underhill is an award-winning cybersecurity professional, bestselling author, and seasoned IT professional. He holds a graduate degree in cybersecurity and information assurance from Western Governors University, bringing years of hands-on experience to the field.<\/p>\n<p>Cybersecurity Insider is a TechnologyAdvice business\u00a9 2026 TechnologyAdvice, LLC. All rights reserved.TechnologyAdvice, 3343 Perimeter Hill Dr., Suite 215, Nashville, TN 37211, USA.<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>2.7M Users Exposed &#8211; eSecurity Planet https:\/\/esecurityplanet.com\/newsletter\/cybersecurity-insider\/2026-03-23\/ Publish Date: 2026-03-23 13:49:00 Source Domain: esecurityplanet.com Author:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":198499,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/media.sailthru.com\/composer\/images\/bazh\/axcjdfof\/2v2\/p40\/27w\/csi_logo_nopadding.png","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,30,24,34],"class_list":["post-198498","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-breach","tag-cybersecurity","tag-threat-actor"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/198498"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=198498"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/198498\/revisions"}],"predecessor-version":[{"id":198500,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/198498\/revisions\/198500"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/198499"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=198498"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=198498"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=198498"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}