A lawsuit seeking class action status has been filed in the aftermath of a data breach impacting 150 million users of Under Armour's MyFitnessPal mobile application and website. But the apparel maker has asked the court to compel arbitration of the case.
Hackers have reportedly demanded a ransom from Bank of Montreal and Simplii Financial in exchange for not dumping 90,000 customers' account details on a fraud forum. The FBI says online extortion and ransomware remain the top two types of cybercrime it's seeing today.
Large data breaches make headlines, trigger stock price slips and often lead to executives getting fired. But security consultant Eric Pinkerton's study of breached businesses - including Ashley Madison, Equifax and Uber - finds that many organizations not only recover from breaches, but end up thriving.
Leading the latest edition of the ISMG Security Report: Cybersecurity expert Brian Honan provides insights on why organizations that are not yet compliant with GDPR need to focus on several key steps. Also: An assessment of the progress women are making in building careers in information security.
Two of Canada's biggest banks are investigating claims by "fraudsters" that they accessed their customers' data. At risk: 50,000 Bank of Montreal customers and 40,000 Simplii Financial customers. Both banks say they've alerted potentially affected customers and plan to cover any losses.
A messy legal case involving a 2017 privacy breach that has already cost Aetna about $20 million in settlements has taken yet another twist. The health insurer has filed a lawsuit against two organizations that represented plaintiffs in an earlier privacy-related dispute, attempting to recoup some costs.
Canadian citizen Karim Baratov has been sentenced to serve five years in U.S. federal prison after he admitted to hacking and identity theft charges connected to his working as "hacker for hire" for alleged Russian FSB officers, who have been tied to a massive 2014 breach of Yahoo.
What happens if organizations that must comply with GDPR have yet to achieve compliance, despite having had two years to do so before enforcement began? Don't panic, says cybersecurity expert Brian Honan, but do be pursuing a data privacy transparency and accountability action plan.
File-less malware is a huge security challenge for organizations today, and traditional email security controls aren't sufficient to meet the challenge. Burke Long of Lastline offers insight on a new way to approach email security.
Leading the latest edition of the ISMG Security Report: Reports on the impact enforcement of the EU's General Data Protection Regulation, which began Friday, will have on the healthcare and banking sectors. Plus an assessment of GDPR compliance issues in Australia, which offer lessons to others worldwide.
To judge by the flood of GDPR-themed email hitting inboxes, Europe's privacy law has been designed to ensure that you say "yes" to companies that monetize the buying and selling of your personal details, regardless of whether you remember ever having done business with them before.
Will federal regulators finally tackle long overdue rulemaking related to a HITECH Act provision calling for the Department of Health and Human Services to share money collected from HIPAA settlements and penalties with breach victims?