The ISMG Security Report leads with a report on Federal CIO Tony Scott partly blaming the way Congress funds agencies for the 2015 breach of computers at the Office of Management and Budget that exposed 21.5 million records.
Web portal Rambler - likened by some to a Russian version of Yahoo - was reportedly hacked in 2012, resulting in the theft nearly 100 million user credentials. But the company disputes some aspects of the supposed breach.
Hutton Hotel says it failed to spot that its point-of-sale systems were compromised by malware for over three years. Separately, Noble House is now warning that its breach investigation uncovered 10 malware-infected hotels or restaurants.
Dear customer: "The security and privacy of your systems are our priority." Cue a new breach notification, this time from Lightspeed POS, which sells a cloud-based point-of-sale product used by 38,000 organizations.
To the annals of super-bad historical mega breaches that no one knew about, add two new entries: Dropbox and Last.fm. Hackers reportedly stole tens of millions of usernames and passwords from each in 2012.
Kimpton Hotels & Restaurants is warning that all 62 of its hotels suffered a POS malware infection this year that resulted in the compromise of cardholder data. So far it's unclear if the attack relates to breaches of Oracle MICROS or other POS vendors.
The way the U.S. federal government funds information technology served as a major contributor to last year's breach of computers at the Office of Personnel Management that exposed 21.5 million records, says Federal Chief Information Officer Tony Scott.
Just as seasonal flu viruses change from year to year, so too malware threats quickly evolve, necessitating a behavioral-based approach to security, says John Woods, CISO of pharmacy software vendor PDX Inc.
A report on an FBI warning to state election officials that their IT systems could be hacked leads the latest edition of the ISMG Security Report. Also, Australian officials mull bitcoin technology to secure elections.
The Department of Health and Human Services offers a model for applying multifactor authentication for privileged users, a new report illustrates. On the other hand, a second report shows HHS, like many healthcare organizations, is struggling to manage wireless security vulnerabilities.
Medical device cybersecurity is an important area of focus that needs a brighter spotlight. But a new report questioning the security of certain cardiac devices from St. Jude Medical Inc. raises some serious ethical issues about the whistleblowers.
Two hotel chains - Millennium and Noble House - are warning that they've suffered point-of-sale malware infections that compromised customers' payment card data. Both say they were alerted to related card fraud by the U.S. Secret Service. Could the breaches be tied to the Oracle MICROS breach?