Web-hosting provider DreamHost reset all FTP/shell passwords for its customers after a hacker gained access to certain unencrypted passwords. The company hosts more than 1 million domains.
One reason why encryption is not more broadly used in healthcare is that so many organizations lack an updated risk assessment that identifies the role the technology can play in preventing breaches, says attorney Amy Leopard.
IT security leaders rely on penetration testing to determine whether applications are secure. But penetration tests can't be a primary source of assurance, says Jeff Williams, co-founder of OWASP.
The Europay, MasterCard, Visa standard, commonly used in most global markets, is coming to the U.S. The sooner issuers, acquirers and merchants initiate migrations, the better, says Stephanie Ericksen, head of authentication product integration at Visa.
Recently discovered viruses, consisting of Trojans and other malware, at City College of San Francisco have stolen personal banking information and other data from perhaps tens of thousands of students, faculty and administrators, says John Rizzo, president of the board of trustees.
A legal dispute between a small merchant in Utah and its former payments processor has fueled a debate over contracts between merchants and acquirers. If successful, this case could spur contractual shifts that change the way card brands view liability after card breaches.
Improved collaboration and communication between small businesses and financial institutions is the first step toward improving online security, says Mark Patterson, an ACH fraud victim. What else would help?
Skimming is a global epidemic, experts say, and global fraud losses linked to skimming will grow in 2012. So how will retailers and financial institutions respond?
U.S. and European institutions can learn from DBS Bank's example. In response to a rash of fraudulent withdrawals that cost accountholders $1 million, the bank is launching a new SMS/text alert service for ATM transactions.
A group of Saudi Arabian hackers, identified as "Nightmare," conducted distributed denial-of-service attacks Jan. 16 against the Tel Aviv Stock Exchange and El Al, Israel's national carrier.
Symantec reportedly said a 2006 breach led to the theft of the source code to its flagship Norton security software, reversing its previous position that it had not been hacked.
Security managers need the heads up from non-IT executives before they dismiss employees, some of whom might seek payback for their sacking by pilfering data or sabotaging systems, Carnegie Mellon University's Dawn Cappelli and Mike Hanley say.
Online shoe and clothing retailer Zappos.com has issued an e-mail alert to more than 24 million customers regarding a newly-discovered data breach of an internal network.
Cyberhackers are increasing their efforts to target online credentials. And phishing attacks waged against accountholders at Chase in the U.S. and Barclays in the U.K. have made it clear that banking accounts are the target.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
