The attorneys general of 42 states plus Washington, D.C., have slapped health insurer Anthem with a $39.5 million settlement in the wake of a 2014 cyberattack that affected nearly 79 million individuals. Meanwhile, California's attorney general signed a separate $8.7 million settlement with the insurer.
A security incident that apparently involved ransomware has crippled the network of Universal Health Services, which owns hundreds of facilities across the U.S.
The U.S. Cybersecurity and Infrastructure Security Agency has issued a report describing how a threat actor apparently used a well-known VPN vulnerability and compromised Office 365 credentials to gain administrative privileges to a federal agency's network.
Premera Blue Cross has agreed to pay a $6.85 million fine, the second largest HIPAA settlement ever announced by federal regulators. The case stems from a 2014 breach, which went undetected for nine months and exposed the information of 10.4 million individuals
Training employees to resist phishing emails is key to preventing compromises. But an exercise run by Tribune Publishing Co. created a searing backlash after its phishing exercise tempted employees with bogus bonuses in a year in which they had already endured financial hardships.
The latest edition of the ISMG Security Report features an analysis on why criminals continue to use darknet markets, despite the risks. Also featured: Hackers target Virgin Mobile KSA; coping with COVID-19 stress.
With so many cybercrime markets continuing to disappear, why haven't encrypted messaging apps stepped in to fill the gap? They might seem to be the perfect solution to admins stealing buyers' and sellers' cryptocurrency - via an exit scam - or police infiltration. But encrypted apps have their own downsides.
Shopify's announcement this week that two employees inappropriately accessed transactional data from 200 of the merchants that use its e-commerce platform demonstrates the importance of taking a "zero trust" approach to security and improving identity and access management capabilities, security experts say.
As the tally of reported heath data breaches related to the May ransomware attack on Blackbaud continues to climb, so do the number of lawsuits filed against the cloud-based fundraising software vendor.
Revisiting remote workforce security defenses, simplifying cloud access controls and pursuing risk-based vulnerability management and passwordless authentication are among the 10 security projects that all organizations should consider for this year and next, according to advisory firm Gartner.
For the second time this week, federal regulators have doled out a hefty financial fine in a HIPAA settlement after an investigation of a breach tied to a hacking incident.
Federal regulators have announced a $1.5 million HIPAA settlement with a Georgia orthopedic clinic stemming from a 2016 breach involving The Dark Overlord hacking group. The case serves as a warning of the potentially hefty cost of failure to implement a comprehensive HIPAA compliance program.
A U.K. resident who was a member of The Dark Overlord hacking group pleaded guilty to federal charges Monday and was sentenced to five years in prison, according to the U.S. Justice Department. The group targeted several healthcare organizations and others.
U.S. government agencies are supposed to have patched the "Zerologon" vulnerability by now, about six weeks after Microsoft issued a patch. But CISA warns that too many agencies' systems remain unpatched.
The 2020 Security Effectiveness Report shares our findings from an evaluation of 100+ enterprise production environments globally across every major vertical.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.