"This is a business that should have known better," U.K. Deputy Information Commissioner David Smith says. "There's no doubt in my mind that they had access to both the technical knowledge and the resources to keep this information safe."
The proposal, in the form of a bill, lays out a framework that can balance the needs and concerns of government and the private sector and keep Americans safe, says Sen. Tom Carper, one of the measure's chief sponsors.
Hacktivists on Jan. 22 threatened more DDoS attacks against U.S. banks and claimed they recently hit three institutions. Despite banks' improvements in staving off online outages, the longevity of the attacks is concerning, experts say.
It's not malware, crime rings or hacktivists. What, then, are among the threats that concern security leaders most? CISO Tom Newton offers new insight on today's top threats and strategies to combat them.
Banks have improved DDoS defenses, but ensuring ongoing online reliability requires a more offensive measure - one that rids the Internet of vulnerable sites that can too easily be used for bot traffic.
As the Zaxby's restaurant breach investigation begins, the high-profile point-of-sale breach involving Subway restaurants has ended in a prison sentence for one of the four accused Romanian fraudsters.
Independent monitoring shows U.S. banks doing a better job of deflecting DDoS attacks. Nevertheless, DDoS expert John Walker says the attackers continue to represent "a growing threat" to all organizations.
Banking institutions have spent the last two years enhancing authentication to conform to regulatory mandates. Organizations in other sectors can learn important authentication lessons from the banking industry.
In this week's breach roundup, British Columbia's health minister has confirmed personal health data for millions of individuals was accessed for research purposes without authorization, and a Canadian agency lost a device containing student loan information for almost 600,000.
The long overdue final HIPAA omnibus rule has been released. The package includes extensive modifications to the HIPAA privacy, security and enforcement rules as well as an updated version of the HIPAA breach notification rule.