In this week's breach roundup, read about the latest incidents, including a malware attack that potentially affected 59,000 clients of the L.A. Gay & Lesbian Center, which offers healthcare and other services.
Lawmakers have raised concerns that the Food and Drug Administration hasn't been as forthright as it should in disclosing an October breach that exposed personally identifiable information of 12,000 to 14,000 individuals.
The theft of 2 million credentials reminds security professionals that their organizations are at risk because many employees use the same passwords and devices for personal and business purposes, data security lawyer Ronald Raether says.
You can be outraged that the NSA collects Internet communications records of U.S. citizens. But don't be surprised, says sociologist William Staples. This is just one example of our "culture of surveillance."
Many healthcare providers and their business associates have a long way to go with their HIPAA compliance efforts. But two new resources from federal regulators could help pave the way to better security.
NIST will soon start writing the "final" version of its cybersecurity framework, a guide to information security best practices for operators of the nation's critical infrastructure. But should it be beta tested?