Sally Beauty Supply says that a four-week investigation shows that the retailer suffered a six-week point-of-sale malware attack at U.S. stores, compromising card data for an unknown number of customers.
Wire fraud perpetrated via business email compromises has quickly become a top concern for banking institutions. Now one bank fraud executive predicts this type of fraud could exceed $1 billion this year.
Another large hacker attack has been revealed in the healthcare sector. But unlike three recent big cyber-attacks, which targeted health insurers, this latest breach hit a healthcare provider organization. Experts weigh in on mitigation steps.
Five best practices noted in version 3.0 of the PCI Data Security Standard will become requirements after June 30, with remote access and third-party risks the key focus - particularly for smaller merchants.
Using personal information gained from third-party sources to circumvent authentication protections, hackers breached 100,000 accounts of taxpayers who had used the IRS's "Get Transcript" application, which has been temporarily shuttered.
MasterCard's breach settlement with Target has been derailed after not enough card issuers agreed to the terms. Now MasterCard is expected to attempt to renegotiate, while banks continue with a class-action lawsuit against the retailer.
One of the world's largest dating websites - self-described "thriving sex community" AdultFriendFinder.com - is investigating reports of a data leak containing details of 3.9 million users' personal details and sexual preferences.
Britain's computer emergency response team - CERT-UK - reports that malware remains the dominant mode of online attack for cybercriminals, and Zeus their most preferred tool of choice. But the team is promoting a free information-alert service to help.
A U.S. Department of Commerce proposal to restrict the export of so-called "intrusion software" to prevent foreign adversaries from acquiring zero-day exploits has raised concern in the developer community.
While the "Logjam" vulnerability raises serious concerns, there's no need to rush related patches into place, according to several information security experts. Learn the key issues, and how organizations must respond
Although the CareFirst BlueCross BlueShield breach is the third major hacker attack against a health insurer revealed in recent months, experts warn that other organizations, including health information exchanges, could be targeted next.
CareFirst BlueCross BlueShield is the latest health insurer to be targeted by a sophisticated hacking attack. It recently discovered that an intrusion into a database in June 2014 resulted in a breach affecting 1.1 million individuals.