Federal regulators have slapped health insurer Aetna with a $1 million HIPAA settlement for three 2017 breaches - including a mailing incident that exposed HIV information - that occurred within six months.
An indictment unsealed this week demonstrates the degree to which Western intelligence agencies have apparently been able to infiltrate the Russian intelligence apparatus to trace attacks back to specific agencies - and individual operators. Shouldn't Russian spies have better operational security?
MAXEX, a company that develops a digital trading platform for the secondary mortgage market in the U.S., leaked 9 GB of internal documentation as well as full mortgage applications for 23 individuals. The data was released by a Swiss-based developer who apparently was unaware it was sensitive.
Ireland's Data Protection Commissioner has launched an investigation into whether Facebook's Instagram service improperly displayed the email addresses and phone numbers of minors on its platform. Facebook, Instagram's owner, could face a GDPR fine if it's found to have violated privacy requirements.
Britain's Information Commissioner's Office announced this week a dramatic reduction in its fine against British Airways for violating the EU's General Data Protection Regulation. The company will pay a $26 million fine instead of $238 million in a case tied to a 2018 breach.
Many healthcare organizations are failing to address shortcomings in security risk management for their supply chains, says former healthcare CIO David Finn, describing findings of a recent study assessing the state of cybersecurity in the sector.
As ransomware continues to slam organizations, a lively debate has ensued about whether ransom payments should be banned in all cases. Attempting to ban ransom payments, however, likely would only make the problem worse.
As new payment trends emerge, such as the surge in ecommerce during the COVID-19 pandemic, payment card standards also must change, says Jeremy King of the PCI Security Standards Council, who will be a featured speaker at ISMG's Virtual Cybersecurity and Fraud Summit: London on Oct. 20.
A report by New York state investigators calls for Twitter and other social media companies to implement greater cybersecurity measures and advocates greater federal regulatory oversight of social media companies to help prevent the misuse of their platforms.
Hacking incidents involving ransomware attacks continue to dominate the 2020 health data breach tally, with incidents affecting two companies - Blackbaud and Magellan Health - accounting for numerous breach notifications by their clients.
Ransomware attacks remain the top cyber-enabled threat seen by law enforcement. But phishing, business email compromises and other types of fraud - many now using a COVID-19 theme - also loom large, Europol warns in its latest Internet Organized Crime Threat Assessment.
Stop me if you think that you've heard this one before: The U.S., U.K. and some allied governments are continuing to pretend that criminals will get a free pass - and police won't be able to crack cases - so long as individuals and businesses have access to products and services that use strong encryption.
Plaintiffs in the patent infringement case Centripetal Networks v. Cisco Networks won the day thanks to clear testimony and using Cisco's own technical documents in unaltered form. By contrast, the judge slammed Cisco for offering disagreeing witnesses and attempting to focus on old, irrelevant technology.
Why did Cisco, one of the world's largest and most successful networking companies, have to pay more than $2.6 billion in damages? A judge found that it infringed on four patents held by network security firm Centripetal Networks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.