News

Clorox Sues Cognizant for $380M Over Cyberattack Negligence

Luciano Ferrari

09 Dec 2025 — 2 min read

Tuesday, December 9, 2025

Top 5 Cybersecurity Stories You Should Know

Clorox Sues Cognizant for $380M Over Cyberattack Negligence — tl;dr: Clorox has filed a $380 million lawsuit against IT firm Cognizant, alleging negligence in handling a cyberattack that disrupted its operations in August 2023. The attack, attributed to the Scattered Spider group, involved improper password resets that compromised Clorox's IT network. This incident has resulted in significant business losses for Clorox. As the case unfolds, organizations are urged to ensure robust identity verification processes to prevent similar breaches and protect their operations.
↪ https://infosec-mashup.santolaria.net/p/infosec-mashup-30-2025
NY Business Council Data Breach Affects 47,329 Individuals — tl;dr: The Business Council of New York State has reported a significant data breach affecting approximately 47,329 individuals, stemming from an external system intrusion detected on August 4, 2025. The breach, which occurred on February 24, 2025, likely exploited unpatched vulnerabilities or phishing techniques, compromising sensitive personal identifiable information (PII). Affected individuals, including 29 residents from Maine, are advised to monitor for unusual credit activity. This incident highlights the need for organizations to enhance their cybersecurity measures, including regular penetration testing and improved threat detection systems, to prevent future breaches.
↪ https://gbhackers.com/47000-individuals-affected-by-data-breach/
Washington Post Data Breach Exposes Personal Data of Nearly 10K Due to Oracle Zero-Day — tl;dr: The Washington Post has notified nearly 10,000 employees and contractors of a data breach resulting from a zero-day vulnerability in Oracle E-Business Suite, tracked as CVE-2025-61884. Between July 10 and August 22, hackers accessed sensitive personal and financial data, including names, Social Security numbers, and bank account details. Affected individuals are offered 12 months of identity protection services and are advised to consider credit freezes and fraud alerts. This incident is linked to the Clop ransomware group, which has targeted multiple organizations using the same exploit.
↪ https://www.bleepingcomputer.com/news/security/washington-post-data-breach-impacts-nearly-10k-employees-contractors/
Comprehensive Cybersecurity Glossary for Professionals — tl;dr: This extensive cybersecurity glossary provides definitions for 472 essential terms, including access control, advanced persistent threats, and application security. It serves as a valuable resource for cybersecurity professionals seeking to enhance their understanding of critical concepts and terminologies in the field. By familiarizing themselves with these terms, individuals can better navigate the complexities of cybersecurity, implement effective security measures, and stay informed about emerging threats and technologies. The glossary is designed to aid both novice and experienced practitioners in improving their cybersecurity knowledge and practices.
↪ https://infosectoday.com/cybersecurity/the-other-sextortion-data-breach-extortion-and-how-to-spot-it/
Coupang Faces Class-Action Lawsuit Over Data Breach Affecting 33.7 Million Customers — tl;dr: A U.S. subsidiary of the Korean law firm Daeryun plans to file a class-action lawsuit against Coupang's U.S. headquarters in New York due to a significant data breach that compromised the personal information of 33.7 million customers. The lawsuit, led by SJKP Law Firm LLP, seeks punitive damages and aims to address potential corporate governance failures. Victims, including over 200 individuals, are expected to join the suit, which will run parallel to a separate case in South Korea focused on consumer compensation. Affected customers should stay informed about their rights and consider joining the legal actions.
↪ https://koreajoongangdaily.joins.com/news/2025-12-09/national/socialAffairs/Law-firm-to-file-classaction-suit-against-Coupangs-US-headquarters-over-personal-data-leak/2472889