A hack attack targeting a U.K. shoe retailer that exposed personal details and passwords for more than 1 million customers highlights the need to identify and dispose of older data that is no longer needed.
The U.S. likely won't complete its implementation of EMV for many years to come, despite the October 2015 liability shift date for counterfeit card fraud, many forecasters say. And until it's fully deployed, EMV will have little impact on fraud.
New York State Attorney General Eric Schneiderman proposes updating state law to require businesses, including out-of-state firms with New York customers, to implement new safeguards to protect personal consumer data they store.
ENISA - the EU agency responsible for bolstering European cybersecurity practices - is calling on Internet infrastructure providers to adopt best practices for combatting routing threats, DNS spoofing and poisoning attacks, as well as DDoS disruptions.
The FBI's attribution of the attack against Sony Pictures Entertainment to North Korea was based, in part, on NSA intelligence gleaned from the agency having infected a significant number of North Korean PCs with malware, a news report says.
The inappropriate use and disclosure of patient information for marketing purposes by an insurer in Tennessee offers a reminder of the importance of complying with HIPAA's marketing-related provisions.
President Obama says he sees the need for law enforcement to gain access to terrorists' encrypted data, but stops short of calling for a law to require manufacturers to provide a so-called "backdoor" to break encryption on mobile devices.
An increasing number of cyber-attacks are not being launched by governments - or their intelligence services - but rather by opportunistic mercenaries offering "espionage-as-a-service," according to a new report.
The U.S. and U.K. plan to hold "cyber war games" to help them prepare for defending against online attacks. Meanwhile, hackers have targeted 19,000 French websites with DDoS attacks and defacements since the Paris massacre.
Weeks after confirming its review of a data breach that occurred during a routine regulatory exam, a financial regulatory agency now says it will pay $50,000 to help cover the affected institution's breach-related expenses.
A group of about 20 state attorneys general has sent a letter to JPMorgan Chase demanding the bank reveal far more details about its breach last year that exposed information related to 76 million households and 7 million small businesses.
The globalization of fraud waged by organized crime has spurred new cross-channel attacks and is affecting how ATM operators approach data security, executives from three of the world's leading ATM manufacturers explain in this exclusive interview.
American Airlines reports that unauthorized individuals obtained usernames and passwords from third-party sources to access a limited number of its customers' frequent flier program accounts. United Airlines was recently hit by a similar scheme.
Following the Paris terror attacks, the French government plans to strengthen its surveillance laws, while the British prime minister has promised to allow intelligence agencies to penetrate any encrypted communications.
North Korean leader Kim Jong-un was set to star in a satirical video game, in which he battled the forces of imperialist oppression with the help of unicorns and narwals - until hackers apparently disrupted game development.