The U.S. Secret Service is combining its electronic and financial crimes units into a single task force that will focus on investigating cyber-related financial crimes such as BEC schemes and ransomware attacks. The move comes as lawmakers want the Secret Service to take a more active role in fighting cybercrime.
U.S. prosecutors this week unsealed an indictment against the alleged hacker "Fxmsp" after his identity was revealed in a cybersecurity firm's report. That sequence of events has raised questions about information sharing and highlighted law enforcement's reliance on private cybersecurity researchers.
The number of companies and individuals affected by an April ransomware attack on managed care provider Magellan Health continues to grow. This illustrates the risks faced by interconnected organizations in the healthcare sector.
Canadian information privacy regulators have ordered medical testing laboratory LifeLabs to improve its data security practices following their investigation of a 2019 breach that exposed the health data of 15 million individuals.
Why are some breach notifications delayed for months? This week, a company that operates senior care facilities in North Carolina and South Carolina issued a statement offering a step-by-step explanation.
Greg van der Gaast, head of information security at the University of Salford in the United Kingdom, has strong opinions on why some security investments aren't reaping maximum benefits. "We are addressing problems too far downstream," he says.
Many ransomware gangs hell-bent on seeing a criminal payday have now added data exfiltration to their shakedown arsenal. Gangs' extortion play: Pay us, or we'll dump stolen data. One massive takeaway is that increasingly, ransomware outbreaks also are data breaches, thus triggering breach notification rules.
The recent leak of 269 GB of sensitive data from more than 200 police departments and the FBI could be a sign that law enforcement agencies are becoming a prime target for hackers, given recent civil unrest.
Four recent cybersecurity incidents that may have involved ransomware demonstrate the ongoing threats facing the sector during the COVID-19 pandemic. They also serve as a warning that extra watchfulness is needed as physicians reopen their clinics.
When organizations eventually allow employees to return to their offices after the COVID-19 crisis subsides, they may discover "more network intrusions, data exfiltration and data breaches," says U.K. cybercrime expert Andrew Gould, who implores organizations to report these incidents to authorities.
Britain's failure to contain COVID-19 - despite Prime Minister Boris Johnson promising a "world-beating" effort - now includes a failed digital contact-tracing app. A new version, built to work with Apple and Google APIs, may be released by winter. Really, what's the rush?