Credit reporting giant Equifax has negotiated a proposed settlement that could reach $700 million to resolve federal and state probes into its massive 2017 data breach, as well as a nationwide class action lawsuit. The company's total post-breach tab is likely to exceed $2 billion.
The impact of the massive American Medical Collection Agency data breach continues to grow. At least two more laboratories have said their patients' data was potentially compromised by the breach. Meanwhile, court filings accuse AMCA of a lack of "cooperation and transparency" in the wake of the incident.
Bulgaria's national cybercrime unit has arrested a 20-year-old local man for his alleged role in breaching the country's tax servers and exposing the financial details and other personal data of nearly 5 million citizens, according to news media reports.
Software vulnerabilities sometimes have an uncanny knack of revealing themselves, even when a bug hunter is looking someplace else. Sam Curry's probing eventually revealed a cross-site scripting flaw in a Tesla service, which netted him a $10,000 bounty.
Health insurer Premera Blue Cross has signed a $10 million HIPAA settlement with the attorneys general of 30 states in the wake of a 2014 data breach that exposed personal information on more than 10.4 million individuals nationwide.
The relationship between American Medical Collection Agency and its laboratory clients affected by the company's data breach will be closely examined as breach-related lawsuits progress, says attorney Paul Hales, a HIPAA specialist, who explains why.
The data protection gloves have finally come off in Europe after GDPR enforcement began last May - the U.K.'s privacy watchdog has proposed large post-breach sanctions against British Airways and Marriott. Consider the tables now turned on firms that fail to properly safeguard personal data.
Canonical Ltd., a British company that offers commercial support and services for the popular Ubuntu Linux open source operating system, is investigating a hack of its GitHub page over the weekend. The source code for the system was not affected, the company says.
Increasingly, regulators are looking to hold individual executives accountable for data breaches. This is where attorney Aravind Swaminathan steps in to represent security leaders in legal actions. What are the potential liabilities?
Reducing risk is a tall order, but IBM's Christopher Bontempo says healthcare security leaders can get immediate and measurable results by concentrating on two aspects: data security and incident response.
The debate over whether the U.S. government should have the right to force weak crypto on Americans has returned. Here's what hasn't changed since the last time: mathematics and the choice between strong crypto protecting us or weak encryption - aka backdoors - imperiling us all.
A former Equifax CIO who sold his stock in the company after learning about its 2017 data breach several months before the public and government agencies were informed has been sentenced to four months in prison for insider trading. Another former Equifax executive was sentenced on similar charges last year.
Increasingly, cyber attackers are molding technology and human intelligence into blended threats that prey upon vulnerable defenses. Chester Wisniewski of Sophos lays out how organizations can become more mature in preparedness and response.