A final rule spelling out requirements for state health insurance exchanges drops a proposed requirement that breaches must be reported within an hour of discovery, relying on language in contracts instead.
As victims of cyber-attacks on their domain name systems providers, The New York Times, Twitter and the Huffington Post UK may have opened themselves and their customers to more nefarious threats, a leading IT security expert says.
A malware attack that exploited a point-of-sale vulnerability of a select group of Kentucky and Southern Indiana retailers has now been linked to attacks against Schnuck Markets Inc. and four other merchants.
In this week's breach roundup, Ferris State University in Michigan is notifying 39,000 individuals that their Social Security numbers and other personal information may have been exposed as a result of a network breach.
In the wake of Arbor Network's recent discovery of a new botnet that's brute-forcing passwords on WordPress sites, security experts, including Nick Levay of Bit9, recommend beefing up password security on web applications.