A breach notification letter sent by Sony Pictures Entertainment to its employees offers a conclusive look at the amount of personal information, including healthcare data, taken by hackers following a Nov. 24 "wiper" malware attack.
The sentencing of a former Alabama hospital worker to two years in prison for his role in an ID theft incident that resulted in tax refund fraud, and a related class action lawsuit, illustrate that insider threats are a major ongoing challenge, two privacy experts say.
Three weeks after attackers launched a wiper malware attack against Sony Pictures Entertainment and began leaking stolen data, Sony has threatened legal action against media outlets that publish related information.
HHS is acknowledging the need to ensure healthcare organizations of all sizes have timely access to the latest cyberthreat intelligence. But the agency needs to take prompt, bold leadership action on this issue.
A report claiming that Las Vegas Sands Corp. was hit with a "wiper" malware attack back in February, similar to one that recently affected Sony Pictures Entertainment, illustrates why more organizations need to mitigate the risks of such an attack.
Congress this week passed four cybersecurity bills, and a commonality among all of the measures is that they strengthen the Department of Homeland Security as a cybersecurity force within the federal government.
Learn why the Department of Health and Human Services is reassessing how its many internal agencies, and the entire healthcare sector, can boost cyberthreat intelligence sharing and analysis to minimize risks.
Information security experts are questioning the accuracy of a news report that claims Sony Pictures Entertainment is attempting DDoS attacks to disrupt sites that are providing copies of stolen Sony data.
The so-called Red October APT gang may have emerged from hiding. Two research firms report finding advanced attacks that target firms across the financial, oil and engineering sectors, as well as government embassies, primarily in Eastern Europe.
A new version of the Destover malware includes a legitimate certificate from Sony. But a researcher claims it's a hoax. Meanwhile, new evidence emerges that the hackers who attacked Sony Pictures Entertainment had criminal - not nation-state - intentions.
Federal regulators are sending a powerful message about the importance of applying software patches by slapping an Alaska mental health services providers with a $150,000 HIPAA sanction. Learn what's included in the corrective action plan.
The "wiper" malware attack against Sony Pictures Entertainment has numerous commonalities with previous wiper attacks in Saudi Arabia and South Korea. This infographic summarizes the attacks and highlights their similarities.
The latest entrant into the password "hall of shame" is Sony Pictures Entertainment. As the ongoing dumps of Sony data by Guardians of Peace highlight, Sony apparently stored unencrypted passwords with inadequate access controls.