Proposed breach notification legislation before Australia's parliament hopes to curb the disclosure of information to other countries. Privacy lawyer Françoise Gilbert explains the provision's significance.
The author of the forthcoming book "Secrets and Leaks" explains why the acts of NSA whistleblower Edward Snowden don't carry the same weight as those of Pentagon Papers leaker Daniel Ellsberg.
Draft legislation circulating in the Senate, if enacted, would serve as Congress' endorsement of President Obama's order to create best practices that industry could voluntarily adopt, says Jacob Olcott, the former counsel to the committee that wrote the bill.
Frustration over the growing number of retail breaches is heating up. See what our readers had to say after the malware attack that hit MAPCO Express, and why they believe PCI compliance isn't enough to ensure security.
Another retail malware attack, this time against the upscale restaurant chain Roy's, proves hackers are honing their tactics, experts say. But investigations are thwarting compromises sooner.
Angered over the Edward Snowden revelations, DEF CON says the feds should take a 'time-out' from this year's hackers' conference. But a top DHS cybersecurity policymaker says he's still invited to participate in a conclave panel discussion.
The recent firings of six workers at Cedars-Sinai Medical Center offers yet another reminder for health records snoopers everywhere: Curiosity kills your job.
Preliminary results of the 2013 Faces of Fraud Survey show institutions are still suffering big financial losses linked to ACH and wire fraud. Why are they still getting hit, in spite of investments to detect and prevent account takeover?
Insurer WellPoint has agreed to pay the Department of Health and Human Services $1.7 million to settle a HIPAA case stemming from a website data breach that may have exposed information on more than 612,000 individuals.
Losses linked to retail breaches have fueled class action lawsuits on behalf of consumers. But Javelin's Al Pascual says banks are soon likely to take legal action, too, in breach cases that expose cards and lead to fraud.
FISMA and the Privacy Act allow agencies to redact personally identifiable information from public postings. But the IRS says another law requires it to post public forms without altering them to remove PII. What's the agency to do?
After a federal court dismissed a class action lawsuit filed against Adventist Health System in the aftermath of a breach affecting 763,000 patients, another lawsuit was immediately filed in a state court. Find out the details.
Distributed-denial-of-service attacks pose a persistent, genuine threat to all sectors. That's why we've created the DDoS Resource Center to fill the information gaps.
The agency that administers Indiana's Medicaid program is notifying almost 188,000 clients of a possible breach of their data tied to an apparent programming error by a business associate.
Some organizations may need to reconsider how they assess whether incidents are reportable breaches under the HIPAA Omnibus Rule, explains privacy expert Kate Borten.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.