Massive breaches, such as the recent hacker attack on health insurer Anthem, highlight why it's important for organizations to understand their breach notification obligations under state laws as well as HIPAA, says attorney Brad Rostolsky.
Information on 50,000 drivers for ride-sharing service Uber was breached in May 2014, the company discovered in September and announced on Feb. 27. Uber has launched a related lawsuit and is seeking records from code-sharing website GitHub.
Anthem Inc. now confirms that the health insurer's recent data breach compromised a database containing personal information on 78.8 million individuals, with information on millions potentially stolen.
Nine days after revealing that hackers gained access to personal data on millions of its customers, health insurer Anthem on Feb. 13 began offering victims two years of free credit monitoring and ID theft insurance, plus "identity repair assistance."
Ten state attorneys general have criticized Anthem Inc. for being too slow to communicate with those affected by its massive data breach. But the health insurer says it will post details Feb. 13 on how victims can enroll for certain free services.
Not wanting to "let a good crisis go to waste," White House Cybersecurity Coordinator Michael Daniel is using health insurer Anthem's massive data breach to promote the Obama administration's cybersecurity initiatives.
Health insurer Anthem Inc. has suffered a massive data breach after hackers gained access to a corporate database reportedly containing personal information on as many as 80 million of its current and former U.S. customers and employees.
The Malaysia Airlines website was the victim of an apparent DNS settings attack on Jan. 26, for which the hacking group Lizard Squad claimed credit. The hacking group began leaking some travelers' itineraries.
As the number of major health data breaches continues to climb, federal regulators are taking steps to make the process of reporting breaches using online tools more efficient, hoping that will help ease the launching of investigations.
President Obama urged Congress in his State of the Union address to pass legislation to better meet the evolving cyberthreat, but spent very little of the speech explaining its dangers or detailing his cybersecurity legislative agenda.
North Korean leader Kim Jong-un was set to star in a satirical video game, in which he battled the forces of imperialist oppression with the help of unicorns and narwals - until hackers apparently disrupted game development.
President Obama's call for enactment of a national data breach notification law has been widely welcomed by business groups and privacy advocates, but their endorsements come with a big proviso: What's in it? The White House hasn't furnished details.
As the U.S. Postal Service's investigation into its breach continues to unfold, it's now reporting that certain health information for approximately 485,000 current and former employees was potentially compromised.
After the complete collapse of network security at Sony Pictures - in the wake of its data breach - it's important that we highlight some of the organization's fundamental security mistakes. Here's a macro view of the lessons we must all learn.
In determining the right time to issue a breach notification, organizations have to carefully weigh the risk of premature notification based on insufficient facts versus tardy notification that can have an impact on their reputation.