Luxury clothing retailer Neiman Marcus has disclosed that a December 2015 breach compromised more sensitive information than first thought. It also disclosed a fresh attack in January that exposed names, contact information, email addresses and purchase histories.
Following the Westminster attack in London, Britain's home secretary scapegoated social networks and end-to-end encryption communications. Is it possible her government has a messy domestic political issue that it's trying to avoid discussing?
Not too fast, not too slow. Notwithstanding regulations and contractual obligations, that's legal and security experts' consensus on how quickly organizations that suspect they've been breached should notify individuals whose information may have been exposed.
A look at experts promoting blockchain as a secure way to share cyberthreat information leads the latest edition of the ISMG Security Report. Also, how sound waves pose a threat to IoT devices, smartphones and medical devices.
New Mexico lawmakers have overwhelmingly approved the Data Breach Notification Act. If signed, as expected, by Gov. Susana Martinez, Alabama and South Dakota would be the only states without such a statute.
With apologies to Troy Hunt, the last thing you want to see in the morning as you're having your first cup of coffee and scanning the interwebz for cat videos is a notice from his "Have I Been Pwned" breach-alert service.
What did Yahoo executives know about multiple data breaches and attacks that the company suffered, and when did they know it? Those questions have continued to dog Yahoo as it negotiates its sale to Verizon for the now-discounted price of $4.5 billion.
Televisions that spy on their users have long been a trope of dystopian fiction, including George Orwell's "1984." But the spying TV appears to be far from fictional, according to a new settlement agreement reached between the FTC and smart-TV maker Vizio.
The subscription-based breach notification service LeakedSource appears to have gone dry. Security expert Troy Hunt says the privacy writing has been on the wall for the site, owing to it selling access to stolen personal data.
U.S. authorities are reportedly investigating whether Yahoo should have notified investors faster about two separate data breaches that it suffered in 2013 and 2014. Until last year, one breach remained undetected and the full severity of the other was not understood.
A 2015 incident involving unauthorized access to a database that healthcare professionals use to check insurance eligibility of patients appears to have resulted in a breach affecting 220,000 individuals, according to just-released details.
The number of reported U.S. data breaches hit an all-time high in 2016, according to Identity Theft Resource Center. But for half of all breaches, the number of exposed records isn't known. And what about all of the breaches that just haven't come to light?
In a reminder of HIPAA's tough requirements for breach notification, federal regulators have issued a $475,000 financial settlement and corrective action plan for Chicago-based Presence Health tied to its tardy notification for a 2013 paper records breach affecting only about 800 individuals.
For the second year in a row, the vast majority of health data breach victims were affected by hacker attacks in 2016, and the trend shows no signs of abating. Experts offer forecasts for breach trends in the year ahead.