An NSA contractor who worked for Booz Allen Hamilton has been accused of stealing top-secret documents that the U.S. says could endanger national security. The documents are critical to a "wide variety of national security issues," the Department of Justice says.
Three recent criminal cases involving hospital insiders who allegedly committed a variety of fraud, identity theft or egregious privacy violations that victimized patients highlight just how difficult it is to mitigate insider threats.
The handling of a recent data breach - the details of which are still unfolding - by Oakland, Calif.-based web services company Regpack provides a look into how the discovery and disclosure of a breach can turn into a real train wreck.
Wells Fargo will pay $185 million in fines over employees illegally subscribing customers to banking products they didn't request - creating 2 million ghost accounts in the process - in what appears to be one of the largest cases of identity theft ever recorded.
A former administrative worker at a Florida pediatric practice has been indicted in federal court along with two others for alleged identity theft and fraud crimes involving stolen patient information. But why didn't prosecutors file HIPAA-related criminal charges?
While hackers and ransomware attacks have been hogging the spotlight lately, regulators are warning healthcare entities and their business associates not to underestimate the serious security and privacy threats that insiders can pose.
Bank of the West's new approach to the insider threat is focused less on detection, more on preventing fraud in the first place. David Pollino tells why a "noisy" insider fraud program is more effective than covertly monitoring employee activity.
Reacting to strong complaints from retailers, three major card brands have finally taken steps toward reducing the amount of counterfeit fraud chargebacks to U.S. merchants, which began as a result of the EMV fraud liability shift last October. But was the action by the brands bold enough?
A report that the Russian government hacked into Democratic National Committee systems has security experts warning that just because malware was found on a hacked network, that doesn't mean a specific individual, group or nation-state was involved.
The $1 million penalty that the SEC imposed on Morgan Stanley for its failure to prevent a former employee from compromising 730,000 client accounts is too low to send a strong message to financial services firms about the need for stronger cybersecurity and internal fraud controls, security experts say.