Although far fewer major health data breaches these days involve the loss or theft of unencrypted mobile devices, regulators are reminding healthcare entities to remain vigilant to the risks involved in using laptops and other portable computing devices.
Many enterprises use remote desktop protocol to remotely administer their PCs and mobile devices. But security experts warn that weak RDP credentials are in wide circulation on darknet marketplaces and increasingly used by ransomware attackers.
Nearly 50,000 personal records relating to Australian government employees as well as the employees of two banks and a utility were exposed to the internet due to a misconfigured Amazon storage server. The episode is the latest in a string of large breaches to hit Australia.
Thom Langford, CISO of Publicis Groupe, says all companies should consider two essential elements when crafting an incident response plan: strong legal representation and a communications plan that considers both internal and external messaging.
CareFirst BlueCross BlueShield has filed a petition asking the Supreme Court to review a case filed against the health insurer in the wake of a 2014 cyberattack that impacted 1.1 million individuals, potentially becoming the first health data breach case to reach the high court.
The U.S. Justice Department has identified at least six members of the Russian government that investigators believe orchestrated last year's hack of Democratic National Committee computers and dumping of stolen information and may file charges next year, the Wall Street Journal reports.
A 21-year-old man appeared in British court this week to face 11 charges, including using DDoS attacks to disrupt sites run by Google, Pokemon and Skype, as well as money laundering and selling malware and "crypting services."
Malaysia is grappling with a sweeping data breach that exposed 46 million mobile phone records, job seeker profiles and data from medical organizations. The breach, which may have occurred in 2014, is the largest Malaysian breach to ever become public.
To help prevent breaches caused by third parties, organizations need to improve their vendor risk evaluation methods, carefully assessing their business partners' processes and risk mitigation methods, says Anuj Tewari, CISO of HCL Technologies.
Under bipartisan legislation introduced in the Senate, federal authorities would share classified cyber threat information with state election officials. The bill also would provide grants to states to support election security efforts.
As the explosive growth of the internet of things continues, it's essential to take a structured approach to implement security-by-design with secure coding and end-to-end encryption of data, says Mumbai-based Juergen Hase, CEO of Unlimit, the IoT business unit of the Reliance Group.