Déjà vu "smart toy" information security fail: Spiral Toys, maker of internet-connected CloudPets, is under fire for exposing 821,000 user records online - now being ransomed - as well as links to 2.2 million parents' and children's voice recordings.
What did Yahoo executives know about multiple data breaches and attacks that the company suffered, and when did they know it? Those questions have continued to dog Yahoo as it negotiates its sale to Verizon for the now-discounted price of $4.5 billion.
Every year, information security professionals flock to San Francisco for the annual RSA Conference. From the debut of "Trumpcryption" to cybersecurity's "greatest hits" set to hip-hop violin, here are some of the 2017 event's highlights.
The Healthcare Information and Management Systems Society's 2017 Conference will offer a slew of educational sessions and informative exhibits focused on top cybersecurity and data privacy challenges facing the healthcare sector. Catch our coverage.
Televisions that spy on their users have long been a trope of dystopian fiction, including George Orwell's "1984." But the spying TV appears to be far from fictional, according to a new settlement agreement reached between the FTC and smart-TV maker Vizio.
Karl West, CISO of Intermountain Healthcare, and Mike Nelson, vice president of healthcare solutions at DigiCert, provide an analysis of the FDA's recent guidance on cybersecurity for medical devices. They'll also be speaking on that topic at the HIMSS 2017 Conference in Orlando, Fla.
Federal HIPAA enforcers smacked a Texas pediatric hospital with a $3.2 million civil monetary penalty after investigating breaches involving unencrypted mobile devices and uncovering longstanding failures to comply with HIPAA. What lessons does the case offer?
The number of reported U.S. data breaches hit an all-time high in 2016, according to Identity Theft Resource Center. But for half of all breaches, the number of exposed records isn't known. And what about all of the breaches that just haven't come to light?
Donald Trump's inauguration has led to a call for a mass online protest of questionable legality designed to "occupy" the White House website. Separately, Anonymous has threatened Trump with "regret" and promised to unearth compromising information.
In its second HIPAA enforcement action for 2017, HHS has slapped an insurer with a $2.2 million settlement in the wake of a relatively small breach, citing the company's lack of timely corrective action.
Although HIPAA requires healthcare organizations to conduct a periodic security risk analysis focused on systems containing PHI, larger entities should also perform more comprehensive security self-assessments, advises CISO David Loewy of SUNY Downstate Medical Center, who explains his approach.
The lack of a smoking gun - absolute certainty - has some security experts not entirely convinced that the Russians or their backers hacked Democratic Party computers in an attempt to sway the U.S. presidential election.
Coming soon to an internet service provider near you: routers infected by IoT device botnet-building malware such as Mirai. The latest victim is ISP TalkTalk, which is updating routers to block DDoS attackers who have been seizing control of the devices.
Hacker incidents continue to dominate major breaches reported to the Department of Health and Human Services. Among the latest incidents added to the HHS tally: an attack at an Atlanta clinic affecting more than 530,000 individuals. What can be done to address the risks?