The disagreements continue over Australia's efforts to pass legislation that would help law enforcement counter encryption. Technology companies and civil liberties organizations contend the latest draft of legislation would allow for too much secrecy and imperil privacy and security.
Building on the success of the NIST Cybersecurity Framework, the National Institute of Standards and Technology is in the early stages of developing a privacy framework. The effort will kick off with a workshop Tuesday in Austin, Texas, explains Naomi Lefkovitz, who is leading the project.
Memo to hackers: Boasting about your exploits on social media channels is a good way to get caught. Indeed, Italian police say they busted a suspected hacker after he bragged not only about defacing the NASA home page but also about being part of a group calling itself "Master Italian Hackers Team."
Although HIPAA gives patients the right to access their health records in their preferred format - on paper or electronically - a new study finds discrepancies in the information hospitals provide to patients regarding the release of their records, pointing to the need for better training.
As new payment options continue to emerge via mobile phones and internet of things devices, the PCI Security Standards Council is broadening its security efforts, starting with a new standard for contactless payments coming early next year, says Troy Leach, PCI SSC's chief technology officer.
While Facebook has invalidated 90 million users' single sign-on access tokens following a mega-breach, researchers warn that most access token hijacking victims still lack any reliable "single sign-off" capabilities that will revoke attackers' access to hyper-connected web services and mobile apps.
To comply with GDPR, Facebook has notified Ireland's data privacy watchdog about the massive breach it has suffered, resulting in 50 million accounts being exposed. But Irish authorities have signaled that Facebook has failed to share all of the information they would have expected to see.
Leading the latest edition of the ISMG Security Report: The reaction to the recently released White House cybersecurity strategy. Also featured: A discussion of GDPR's impact on class action lawsuits.
Breached businesses in Europe: Brace for more class action lawsuits seeking material and non-material damages filed by victims following mandatory data breach notifications under GDPR, says attorney Jonathan Armstrong. He predicts more breach-related suits will succeed in Europe than in the United States.
Recent additions to the federal health data breach tally shine a light on the mistakes that contribute to breaches - and in some cases, make situations far worse.
WhatsApp has agreed to appoint a grievance officer for India who will handle complaints about fake news. The nation's government had demanded the action in the wake of recent mob violence triggered by fake news spread on the social media platform. But will the appointment have a significant impact?
A HIPAA-related enforcement case in Massachusetts involving two insider breaches alleges a trail of missteps, including failure to take prompt action after receiving tips about potential misuse of patient information. What can other entities learn from the mistakes?
Massive, well-resourced companies are still using live customer data - including their plaintext passwords - in testing environments, violating not just good development practices but also privacy laws. That's yet another security failure takeaway from last year's massive Equifax breach.
The latest edition of the ISMG Security Report takes a look at the EU's General Data Protection Regulation, including the outlook for enforcement and common misconceptions about its provisions.
HIPAA privacy violations can come in many forms. Case in point: Federal regulators have smacked three Boston hospitals with settlements totaling nearly $1 million for allowing crews for the documentary TV show "Save My Life: Boston Trauma" to film on their premises without obtaining authorization from patients.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.