A lawsuit seeking class action status filed against UW Medicine in the wake of a data leak incident has been amended to reflect that at least one HIV patient allegedly had their data exposed. Why are data breaches tied to IT misconfiguration a growing problem?
A business email compromise group targeting U.S. businesses is using G-Suite for their scams and collecting money through physical checks instead of wire transfers, according to the security firm Agari.
The FBI has arrested a suspect who's charged in connection with waging distributed denial-of-service attacks against the campaign website of an unsuccessful 2018 Democratic candidate for the U.S. House in California.
New Mexico is suing Google, alleging the company violates a federal child privacy law by collecting the personal data of students younger than age 13 without their parents' consent. Google rejects the lawsuit's claims, saying they are "factually incorrect."
A newly released report offers a glimpse into how European Union authorities are applying the General Data Protection Regulation to some of the biggest U.S. technology firms, including social media giants Facebook and Twitter.
Implementing the concept of "privacy design" requires a series of critical steps, says Heikki Tolvanen, chief legal engineer at PrivacyAnt, a Finland-based privacy consulting firm, who offers insights on mistakes to avoid.
A U.S. Defense Department agency that's responsible for providing secure communications and IT equipment for the president and other top government officials says a data breach of one of its systems may have exposed personal data, including Social Security numbers.
U.S. and U.K. officials are blaming the Russian military for launching an October 2019 cyberattack on the country of Georgia that crippled at least 2,000 government, news media and court websites over the course of one day.
Mobile banking customers are being targeted by yet another SMS phishing campaign, according to new research from IBM X-Force. This time, however, in addition to trying to steal usernames and credentials, the attackers are also attempting to install Emotet malware.
ISS World, a global facilities maintenance company based in Denmark, says it's gradually restoring its systems after a malware attack on Monday. The company says it has identified the root cause but has not said if ransomware was involved.
A home healthcare company has filed 17 breach reports after a ransomware attack on its cloud-based electronic health records vendor last December, illustrating once again how a vendor breach can have a wide impact.
The U.S. Census Bureau has not done enough to address cybersecurity issues in preparation for the 2020 census, which is slated to begin in April, according to a new report from the Government Accountability Office.