Privacy attorney Kirk Nahra offers an analysis of the New York state attorney general proposing updates to the state's data security laws and issuing a substantial financial penalty in a HIPAA violations case.
President Donald Trump's nominee to head the National Security Agency and U.S. Cyber Command, Lt. Gen. Paul Nakasone, faces two Senate committee hearings as part of his nomination process. He'll face questions on cyber defense, privacy and combating information warfare.
If you browsed the latest security headlines, you'd probably think the majority of data breaches were related to hackers, political activists, malware or phishing. While the latter two hint at it, the truth is that nearly half of all data breaches can be traced back to insiders in some capacity.
The Securities and Exchange Commission and the Department of Justice have both charged Jun Ying, a former CIO at data broker Equifax, with engaging in illegal insider trading after he determined that his employer had suffered a massive breach.
A U.S. power company, unnamed by regulators, has been fined a record $2.7 million for violating energy sector cybersecurity regulations after sensitive data - including cryptographic information for usernames and passwords - was exposed online for 70 days.
A federal judge has largely rejected a motion by Verizon to dismiss a class-action lawsuit filed by victims of three data breaches that compromised Yahoo, which is now part of Verizon. The Yahoo breaches appeared to have compromised nearly every Yahoo user's personal details at least once.
Whoever unleashed malware built to disrupt last month's Winter Olympics in Pyeongchang, South Korea, designed it to look like it had been executed by a group of hackers tied to North Korea. But researchers at the security firm Kaspersky Lab say any such attribution would be false.
The U.S. Senate is considering a banking reform bill that would ban credit agencies' practice of charging for a credit freeze, one of the crucial steps experts say can help pre-empt identity theft. Lawmakers have been under intense pressure to create laws that better protect consumers following Equifax's data breach.
The attorney general of Pennsylvania has filed a lawsuit against Uber for allegedly violating the state's mandatory breach notification law. It's the latest in a long string of legal and regulatory repercussions Uber is facing after waiting more than a year to disclose a serious breach.
Based on the feedback it received, the Office of the National Coordinator for Health IT will consider making tweaks to its proposed Trusted Exchange Framework and Common Agreement, including provisions related to privacy and security, says ONC's Genevieve Morris.
Anyone who dined out at one of 166 Applebee's restaurants in 15 states may have had their payment card details compromised by point-of-sale malware infections that began in November 2017, RMH Franchise Holdings warns.
To keep up with the ever-evolving cyberthreat landscape, healthcare organizations must combine basic security principles with advanced technologies, Kristopher Kusche, CISO at Albany Medical Center, says in an interview at the HIMSS18 conference.