At a hearing on the role the Interior Department played in a recent breach at the Office of Personnel Management, the Interior deputy inspector general painted a picture of how a hacker might have breached the agency's computer system.
In the wake of several mega breaches affecting its affiliates, the Blue Cross Blue Shield Association says all 36 of its affiliated plans will offer free identity protection services for as long as individuals are enrolled in their insurance coverage.
The OPM breach is not just the biggest in U.S. government history. It's also likely a classic case of third-party risk management, says Jacob Olcott of BitSight Technologies. What are the key lessons to be learned?
Federal regulators have slapped a Boston area hospital with a $218,000 HIPAA penalty after an investigation following two security incidents. Experts analyze the lessons that the settlement agreement offers.
A day after the Office of Personnel Management confirmed that security breaches exposed to hackers the personal information of more than 22 million individuals, Katherine Archuleta has resigned as director of the agency.
As the U.S. Office of Personnel Management total breach victim count hits more than 22 million, many lawmakers are calling for the OPM's director to be fired. Meanwhile, the White House says it's weighing its response against the hackers responsible.
A breach of an U.S. Office of Personnel Management system used to conduct security clearance background checks exposed the personal information of 21.5 million individuals, the agency announced July 9.
FBI Director James Comey says the White House plans to confirm that the U.S. Office of Personnel Management data breach exposed "millions and millions" of background-check records. Meanwhile, a second union has now sued OPM over the breach.
Although they apparently weren't caused by cyber-attacks, the impacts of computer failures at the New York Stock Exchange, United Airlines and the Wall Street Journal have much in common with the aftermath of breaches.
Is it wrong that accused Lizard Squad hacker Julius Kivimaki, a teenager who was convicted of 50,700 "instances of aggravated computer break-ins" attacks, gets to walk away without having to serve any jail time?
Warning: All versions of Flash Player are vulnerable to a zero-day, weaponized exploit that became public when Italian spyware vendor Hacking Team was hacked, and 400 GB of corporate data leaked. Adobe has released an update to patch the flaw.
The healthcare sector lags behind the financial sector when it comes to the maturity of vendor risk management programs, a new study confirms. Risk management experts Rocco Grillo and Gary Roboff analyze the work yet to be done.
Covered entities find it difficult to prevent unauthorized access to patient data by members of their staffs. Preventing breaches involving insiders at business associates can be even trickier, as an incident affecting Meritus Health illustrates.
More than 3,000 National Health Service patients had their personal data exposed when an employee lost an unencrypted memory stick in a parking lot, violating NHS policies. But creating policies isn't the same as enforcing them.
Italian surveillance software maker Hacking Team has confirmed that it was hacked and recommends police, law enforcement and government agencies suspend their use of its software, pending a full breach investigation.