A former respiratory therapist at an Ohio hospital has been indicted for HIPAA violations in connection with alleged inappropriate access to the records of nearly 600 patients. Such criminal cases remain relatively rare.
White Lodging Services Corp. has revealed a malware attack against point-of-sale systems at 10 of the hotels it manages, potentially exposing payment card data. The disclosure comes about a year after it confirmed a similar malware-related breach.
AT&T, in a settlement with the FCC, agrees to pay a $25 million fine because call center employees in Mexico, Colombia and the Philippines accessed private information from some 278,000 customer accounts without authorization.
A federal judge has dismissed a consolidated class action lawsuit filed against Horizon Blue Cross Blue Shield in the wake of a 2013 data breach. Learn how this case compares to a suit against another insurer, AvMed, which resulted in a settlement.
The DNS infrastructure underlying the Internet is the map that both the good guys and bad guys need. Dr. Paul Vixie, a member of the Internet Hall of Fame, discusses DNS' impact on the security landscape.
DDoS attacks are easy to launch yet difficult to defend against. Margee Abrams of Neustar discusses the state of DDoS and how organizations can best defend against today's potentially damaging attacks.
The Health Information Trust Alliance is attempting to launch a study, fueled by anonymized data gathered from healthcare organizations, to get a better understanding about the severity and pervasiveness of cyber-attacks in the sector.
New, advanced point-of-sale malware dubbed "Poseidon" can exfiltrate card data directly from every infected device. And security experts warn that too many retailers fail to test POS devices and segment networks to mitigate all malware threats.
The Target breach was the hot topic for many RSA 2014 attendees, but Gartner's Avivah Litan was already talking about the next Target - a UK retailer that may have suffered a similar hack, exposing payment card data.
Troy Leach of the PCI Security Standards Council says data security standards are not failing; they just aren't being applied continuously. And conformance with the Payment Card Industry Data Security Standard is just one piece of the puzzle.
Security experts advise banking institutions to take several steps, including enhancing authentication and ramping up commercial customer education, as a result of an increase in sophisticated online banking attacks involving a new variant of Dyre malware.