How were four Russians and a Ukrainian allegedly able to steal more than 160 million payment card numbers from corporate networks over seven years? An indictment announced by U.S. Attorney Paul J. Fishman provides details.
Federal authorities announced indictments this week in a massive fraud scheme involving 160 million payment cards. Here is a rundown on the businesses affected by those attacks, and the data that was compromised.
Proposed breach notification legislation before Australia's parliament hopes to curb the disclosure of information to other countries. Privacy lawyer FranÃ§oise Gilbert explains the provision's significance.
Draft legislation circulating in the Senate, if enacted, would serve as Congress' endorsement of President Obama's order to create best practices that industry could voluntarily adopt, says Jacob Olcott, the former counsel to the committee that wrote the bill.
Frustration over the growing number of retail breaches is heating up. See what our readers had to say after the malware attack that hit MAPCO Express, and why they believe PCI compliance isn't enough to ensure security.
Angered over the Edward Snowden revelations, DEF CON says the feds should take a 'time-out' from this year's hackers' conference. But a top DHS cybersecurity policymaker says he's still invited to participate in a conclave panel discussion.
Preliminary results of the 2013 Faces of Fraud Survey show institutions are still suffering big financial losses linked to ACH and wire fraud. Why are they still getting hit, in spite of investments to detect and prevent account takeover?
Insurer WellPoint has agreed to pay the Department of Health and Human Services $1.7 million to settle a HIPAA case stemming from a website data breach that may have exposed information on more than 612,000 individuals.
Losses linked to retail breaches have fueled class action lawsuits on behalf of consumers. But Javelin's Al Pascual says banks are soon likely to take legal action, too, in breach cases that expose cards and lead to fraud.
FISMA and the Privacy Act allow agencies to redact personally identifiable information from public postings. But the IRS says another law requires it to post public forms without altering them to remove PII. What's the agency to do?
After a federal court dismissed a class action lawsuit filed against Adventist Health System in the aftermath of a breach affecting 763,000 patients, another lawsuit was immediately filed in a state court. Find out the details.