Covered entities find it difficult to prevent unauthorized access to patient data by members of their staffs. Preventing breaches involving insiders at business associates can be even trickier, as an incident affecting Meritus Health illustrates.
More than 3,000 National Health Service patients had their personal data exposed when an employee lost an unencrypted memory stick in a parking lot, violating NHS policies. But creating policies isn't the same as enforcing them.
Italian surveillance software maker Hacking Team has confirmed that it was hacked and recommends police, law enforcement and government agencies suspend their use of its software, pending a full breach investigation.
OpenDNS's Andrew Hay sees danger confronting many enterprises in the era of the "Internet of Things" as Internet-ready consumer devices, not architected for security, find their way onto corporate networks, often unbeknown to administrators.
Hacking Team, an Italian vendor of "easy-to-use offensive technology" that it sells to government agencies, has been hacked. Leaked customer lists reportedly name the FBI and DEA, plus the governments of Bahrain, Russia and Sudan, among others.
An unconfirmed post-breach report for bitcoin exchange Bitstamp shows the organization was targeted by a sustained attack that combined phishing via email and Skype with macro malware to successfully steal almost 19,000 bitcoins, worth $5 million.
Cisco announced plans to pay $635 million to purchase cloud security firm OpenDNS to better secure the "Internet of Everything." OpenDNS says the acquisition will leave its products and personnel intact.
Would encryption, two-factor authentication and other measures stop a determined adversary from stealing millions of U.S. government personnel files? No, a former CIA CISO says. Read how Robert Bigman would defend against OPM-style cyber-attacks.
Following its mega-breach, the U.S. Office of Personnel Management suspends use of its online background check application system, citing a vulnerability. Also, the agency now faces a breach-related lawsuit filed on behalf of federal workers.
The Department of Justice has announced the indictments of two individuals in separate fraud cases affecting the University of Pittsburgh Medical Center. The cases spotlight the challenges healthcare organizations face in the fight against fraud.
Just how bad is the U.S. Office of Personnel Management breach? Consider that spies may now have access to every secret - sexual, financial, familial, medical - shared by personnel seeking security clearances to access classified U.S. information.