New York state's financial regulator has reportedly subpoenaed Equifax - in the wake of it suffering a breach affecting 143 million U.S. consumers - seeking extensive documentation, including when and how the credit-reporting agency discovered the breach and responded.
Too many organizations continue to address breach response from a reactive mode - having a crude disaster-recovery plan in place in case something "does" happen, rather than accepting that something "will" happen and proactively preparing for it. In this session, a panel of legal, technical and law-enforcement experts...
Organizations need to develop "a friendly business relationship" with law enforcement so they can share information about a data breach to help with the investigation, says Luis Cerritos of the Royal Canadian Mounted Police.
Richard Smith has exited the Equifax building. Following in the footsteps of the CIO and CSO, Richard Smith - Equifax's embattled CEO and board chairman - has "retired" following the company suffering a massive breach that has left millions of Americans at risk of identity theft.
The chairman of the Securities and Exchange Commission, Jay Clayton, promised the Senate banking committee Tuesday that his agency is pursuing numerous cybersecurity improvements in the wake of a May 2016 breach.
Experts speaking out on how boards of directors and CISOs must do a better job in strengthening board involvement on cybersecurity matters leads the latest edition of the ISMG Security Report. Also, "Catch Me if You Can" impostor Frank Abagnale on the Equifax hack.
"Big four" accounting firm Deloitte suffered a breach last year that may have exposed 5 million internal emails as well as usernames and passwords, client information and health details, the Guardian reports.
Analyzing the impact of a breach of computers at the U.S. Securities and Exchange Commission leads the latest edition of the ISMG Security Report. Also, exploring alternative plans to implement cybersecurity regulations on credit reporting bureaus in the wake of the Equifax breach.
Hackers behind the mega-breach at Equifax stole data in May, but they - or other attackers - penetrated the credit bureau's systems in March, exploiting a vulnerability for which Apache Struts had issued a patch, just four days prior.
A hacking incident at a Nebraska-based medical supply company ranks as the second largest business associate health data breach reported so far this year. A log review was the key to detecting the intrusion.
Equifax is disputing Bloomberg's report that it suffered an undisclosed data breach, discovered in March, that predates the massive breach that began in May. Instead, Equifax says the March incident involved its payroll service and that it notified all victims and required regulators.
In the latest edition of the ISMG Security Report: a look at the former Equifax chief information security officer and whether her lack of academic credentials in IT or IT security is relevant to the massive breach at the credit reporting agency.
Pressure continues to mount on credit reporting bureau Equifax over its massive data breach. In its wake, Equifax announced that its CIO and CSO would "retire" immediately and said that the Apache Struts flaw exploited by attackers was known to the security team.
Top IT security and information risk experts, including former RSA Executive Chairman Art Coviello, analyze the struggles Equifax faces in the wake of a massive data breach in the latest edition of the ISMG Security Report.