Dear customer: "The security and privacy of your systems are our priority." Cue a new breach notification, this time from Lightspeed POS, which sells a cloud-based point-of-sale product used by 38,000 organizations.
To the annals of super-bad historical mega breaches that no one knew about, add two new entries: Dropbox and Last.fm. Hackers reportedly stole tens of millions of usernames and passwords from each in 2012.
Kimpton Hotels & Restaurants is warning that all 62 of its hotels suffered a POS malware infection this year that resulted in the compromise of cardholder data. So far it's unclear if the attack relates to breaches of Oracle MICROS or other POS vendors.
The way the U.S. federal government funds information technology served as a major contributor to last year's breach of computers at the Office of Personnel Management that exposed 21.5 million records, says Federal Chief Information Officer Tony Scott.
At least some of the alleged cybersecurity vulnerabilities in St. Jude Medical cardiac devices that were found by research firm MedSec Holdings don't necessarily translate to serious clinical risks for patients, says medical device security expert Kevin Fu.
Just as seasonal flu viruses change from year to year, so too malware threats quickly evolve, necessitating a behavioral-based approach to security, says John Woods, CISO of pharmacy software vendor PDX Inc.
A report on an FBI warning to state election officials that their IT systems could be hacked leads the latest edition of the ISMG Security Report. Also, Australian officials mull bitcoin technology to secure elections.
Cybersecurity expert Joshua Corman analyzes the importance of properly handling disclosure of medical device vulnerabilities to avoid jeopardizing patients' health. He laments that the proper protocol was not followed when allegations about devices from St. Jude Medical, which the firm refutes, were made public.
The Department of Health and Human Services offers a model for applying multifactor authentication for privileged users, a new report illustrates. On the other hand, a second report shows HHS, like many healthcare organizations, is struggling to manage wireless security vulnerabilities.
Medical device cybersecurity is an important area of focus that needs a brighter spotlight. But a new report questioning the security of certain cardiac devices from St. Jude Medical Inc. raises some serious ethical issues about the whistleblowers.
Two hotel chains - Millennium and Noble House - are warning that they've suffered point-of-sale malware infections that compromised customers' payment card data. Both say they were alerted to related card fraud by the U.S. Secret Service. Could the breaches be tied to the Oracle MICROS breach?
A UAE-based activist targeted by a rare and valuable remote exploit for Apple's mobile software has caused concern over the continued sale of powerful spying tools to governments with poor human rights records.