Target Corp. has reached a proposed $39.4 million settlement with a group of financial institutions that sued the retailer over fraud losses and expenses suffered as a result of Target's December 2013 data breach.
Three Greek banks are the latest DDoS shakedown targets of online attackers, who demanded a payment of 20,000 bitcoins ($7.2 million) to cease their attempted banking site disruptions. Security experts say such attacks are on the rise.
In the second largest financial penalty ever issued as part of a HIPAA resolution agreement, federal regulators have smacked Puerto Rico-based health insurer Triple-S Management with a $3.5 million fine as a result of multiple breaches. It's the company's second large fine from a government agency.
The security of Internet-connected toys is in the limelight after toymaker VTech acknowledged suffering a data breach that affects 5 million accounts and personal information and photographs relating to more than 200,000 children.
As the U.S. moves toward faster payments, it must include new payments providers, such as Apple Pay and Square, as well as banks in all efforts to ensure security, says David Lott of the Federal Reserve Bank of Atlanta.
A security incident involving keystroke logging malware that apparently started at a Kentucky hospital three years ago - but was only recently discovered after a tip from the FBI - offers a reminder of the urgency of keeping anti-malware protection and mitigation efforts current.
The FBI is pursuing a suspected Russian hacker who reportedly amassed a trove of 1.2 billion stolen online credentials, plus payment card data and Social Security numbers, and who's offered access to hacked Facebook and Twitter accounts.
Federal regulators have announced an $850,000 HIPAA settlement with Lahey Hospital and Medical Center stemming from an investigation into the theft of a laptop that was used to operate a medical device.
The Federal Trade Commission's Bureau of Consumer Protection plans to appeal an FTC administrative law judge's initial decision to dismiss the FTC's data security enforcement case against LabMD, a cancer testing laboratory.
Reversing recent claims that it was unaware of any data breaches, hotel chain Hilton Worldwide now says it suffered a POS malware infection that affected an unspecified number of hotels, customers and payment cards in 2014 and 2015.
Credit rating agency Moody's Corp. warns that cyber defenses as well as breach detection, prevention and response will be higher priorities in its analysis of the creditworthiness of companies across all sectors, including healthcare and financial services.
Dell is moving to patch a customer-support application preinstalled on many laptops and PCs after security researchers found that it installs a root certificate that could be abused by attackers to intercept private data.
With the heightening of the threat of cyber-attacks to America's critical infrastructure, a congressional watchdog says federal agencies need to adopt better metrics to determine the risks specific to the industries they monitor.
Starwood Hotels and Resorts has confirmed a point-of-sale breach, but card issuers say they don't believe the Starwood breach is isolated, and that fraud patterns indicate that another, perhaps larger breach, is impacting cards across the country.
More than four years after the POS swap attack that struck 80 Michaels craft stores throughout the U.S., details about how the attackers pulled off their scheme have finally emerged. Read why one expert says this was a crime of cash, not cards.