A laptop stolen from an employee of Accretive Health last year was not encrypted "due to the oversight of an individual IT employee," the company says in a 29-page comment letter sent to Sen. Al Franken, D-Minn. That employee subsequently was fired, the company reports.
Dollars lost of fraud are one measure of an incident's impact. But the "soft" costs - loss of reputation and productivity - are the ones that most get the attention of Terry Austin of Guardian Analytics.
Too many banks and credit unions are being narrow-minded in their approaches to FFIEC Authentication Guidance conformance, by focusing on commercial accounts and neglecting retail accounts, one ACH fraud attorney says.
Accretive Health Inc., a Chicago-based medical debt collection agency, has filed a motion to dismiss the Minnesota attorney general's lawsuit against the company that stems, in part, from a data breach incident involving a stolen unencrypted laptop.
Minnesota Attorney General Lori Swanson has issued a six-volume investigative report on Accretive Health Inc., a medical debt collection company that her office sued in January in connection with a data breach incident and other business practices.
What do the proposed Stage 2 rules for the HITECH Act electronic health record incentive program have to say about encryption and other security measures? Consumer advocate Deven McGraw provides an analysis.
Weeks, months or even years often go by before organizations discover they've been hacked, not learning of the attack until law-enforcement authorities inform them, says recently retired FBI Executive Assistant Director Shawn Henry.
A court has granted final approval of the settlement of a class action lawsuit against University of Hawaii stemming from five data breaches over a three-year period that affected nearly 96,000 individuals.