Following the Westminster attack in London, Britain's home secretary scapegoated social networks and end-to-end encryption communications. Is it possible her government has a messy domestic political issue that it's trying to avoid discussing?
Two laptops containing as many as 3.7 million voter registration records and other data were stolen from a locked room in Hong Kong. Authorities suspect the theft may be an inside job.
The FBI is warning healthcare sector entities to step up securing their file transfer protocol servers in the wake of cybercriminals stepping up their attacks. The alert is similar to an earlier FTC related warning from another government agency.
Microsoft's docs.com service has been an open window to viewing people's personal data. The company appears to have taken some steps to contain the exposure, but those watching closely say sensitive data can still be found via search engines.
Not too fast, not too slow. Notwithstanding regulations and contractual obligations, that's legal and security experts' consensus on how quickly organizations that suspect they've been breached should notify individuals whose information may have been exposed.
Like many other inventions now common in modern life, distributed cybercrime may seem trivial today. But this concept emerged little more than a decade ago and has already dominated the threat landscape.
A ransomware attack on a Texas urology practice that potentially affects nearly 280,000 patients ranks as one of the largest health data breaches reported to federal regulators this year.
With the rapid changes in the threat landscape and the risks introduced by DevOps, the cloud and other new elements, organizations need to have a continuous vulnerability assessment program as a security baseline, says Richard Bussiere of Tenable Network Security.
The U.S. Justice Department is reportedly preparing to charge multiple "Chinese middlemen" with helping to orchestrate the $81 million Bangladesh Bank heist on behalf of North Korea. Security experts have long been reporting that the attack code and tactics appear to trace to North Korea.
A look at experts promoting blockchain as a secure way to share cyberthreat information leads the latest edition of the ISMG Security Report. Also, how sound waves pose a threat to IoT devices, smartphones and medical devices.
Under HIPAA, the theft or loss of encrypted computing or storage devices is not considered a reportable data breach. But a recent incident at a Kentucky-based healthcare organization demonstrates that making a determination on whether an incident is a reportable breach isn't always clear-cut.
Cloud services firm Coupa is one of the latest business email compromise victims, after a fraudster pretending to be its CEO faked out the HR department and stole all of its 2016 employees' W-2 forms. Security experts say rigorous training remains the only viable defense.
Several recent health data security incidents serve as reminders of why healthcare entities need to stay focused on efforts to prevent and detect insider breaches, even as attention is diverted by headlines about hacker attacks.
A federal judge has granted class-action status for a breach-related lawsuit against an Alabama hospital where a former employee stole patient data and was convicted of identity theft. What's significant about the ruling?
New Mexico lawmakers have overwhelmingly approved the Data Breach Notification Act. If signed, as expected, by Gov. Susana Martinez, Alabama and South Dakota would be the only states without such a statute.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.