The California attorney general's office has smacked Cottage Health System with a $2 million settlement in the wake of breaches in 2013 and 2015. What lessons can be learned from this significant enforcement action?
Reports that a plea deal is about to be reached for Karim Baratov - extradited from Canada to the United States on charges that he assisted Russian intelligence agents with the massive hack of Yahoo in 2014 - are premature, his attorney tells Information Security Media Group.
The steady stream of new reports about years-old breaches continues as Imgur, the popular photo-sharing service, belatedly warns that it suffered a breach in 2014 that compromised 1.7 million users' accounts.
Uber's tardy data breach notification - one year after the incident occurred - has trigged fresh questions about how quickly companies should come clean after they suffer a cybersecurity incident.
A presentation on new models to battle email phishing leads the latest edition of the ISMG Security Report. Also, did Uber mishandle ransomware response?
Give crooks credit for topicality: They remain loathe to miss a trick. Indeed, hardly any time elapsed after Uber came clean about the year-old breach it had concealed before crack teams of social engineers unleashed appropriately themed phishing messages designed to bamboozle the masses.
Britain's data privacy watchdog has launched a probe of the massive 2016 data breach suffered by Uber. More than 12 months after the breach, the ride-hailing service is scrambling to notify 57 million individuals across multiple countries that their personal details were exposed.
Uber paid hackers $100,000 to keep quiet about a 2016 breach that exposed 57 million accounts belonging to customers and drivers, Bloomberg reports. But was the payment a bug bounty, as Uber has suggested, or really an extortion payoff and hush money?
U.S. prosecutors have unsealed an indictment against an Iranian man charged with trying to extort entertainment company HBO for $6 million in bitcoins. The case marks a rare public naming of someone accused of cyber extortion, which poses an increasing risk for all organizations.
Move over Equifax. There's a massive new data breach notification in town. And Uber is still struggling to come clean about why it waited for one year to notify data breach victims and regulators.
Several significant pending legal cases, including the CareFirst lawsuit, showcase the cybersecurity challenges facing the healthcare sector, says attorney Lisa Rivera in an in-depth interview.
HealthcareInfoSecurity Executive Editor Marianne Kolbasuk McGee reflects on the just-concluded Healthcare Security Summit in New York in the latest edition of the ISMG Security Report. Also, PCI Security Standards Council CTO Troy Leach addresses ransomware risks.
Kaspersky Lab says it "inadvertently" scooped up classified U.S. documents and code from an NSA analyst's home computer, but suggests it wasn't the conduit by which the material ended up in Russian hands. It claims that the computer was riddled with malware.
Dozens of lively discussions sprung up among the healthcare CISOs, legal experts and leaders from government agencies and technology vendors at Information Security Media Group's Healthcare Security Summit in New York. So what are some of the key takeaways?
A report on new White House rules on when to disclose cybersecurity vulnerabilities to software vendors leads the latest edition of the ISMG Security Report. Also, storing passcodes in clothing.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.