The U.S. Department of Justice on Thursday unsealed an indictment charging two Chinese nationals in connection with APT10 or Cloud Hopper, a cyber espionage campaign, alleging they acted in association with a government agency.
Facebook violated consumer protection law by failing to protect personal data that consumers thought they'd locked down, the District of Columbia alleges in a new lawsuit. Plus, Facebook is disputing a New York Times report that it ignored privacy settings and shared data with large companies without consent.
For the past three years, hackers have been intercepting sensitive diplomatic cables sent between EU member states after stealing passwords for accessing the EU network via a phishing attack against diplomats in Cyprus, The New York Times reports.
The number of data breach reports filed since the EU General Data Protection Regulation went into effect has hit nearly 3,500 in Ireland, over 4,600 in Germany, 6,000 in France and 8,000 in the U.K. Regulators say more Europeans are also filing more complaints about organizations' data protection and privacy practices.
A large health insurer in Western Australia shared the home addresses of some psychologists to a web-based appointment booking service, according to a news report. The health insurer belated realized after a complaint from one practitioner that some psychologists work from home.
Federal regulators and medical device maker Medtronic have issued alerts about the lack of encryption on certain cardiac programming devices that could potentially allow inappropriate access to patient information.
Twitter says that an unspecified number of its users may have been targeted by state-sponsored hackers seeking to unmask their identity. Separately, Trend Micro says Twitter has blocked an account that was posting image memes designed to remotely control malware-infected PCs.
The battle against Russian disinformation is far from over. Two in-depth Senate reports have revealed that such campaigns continue despite efforts by social media companies to cleanse their platforms. Researchers say Facebook's Instagram may be the next battleground.
Democratic senators have introduced yet another version of data security legislation that would create a federal breach notification requirement. Meanwhile, the Center for Democracy & Technology has drafted a model for a broad national privacy bill.
In the aftermath of the Marriott breach, it's fair to characterize Gartner's Avivah Litan as mad as hell and not wanting the U.S. to take it anymore. Going into 2019, Litan has policy and technology recommendations for national cyber defense.
Ireland's privacy watchdog is probing data breaches at Facebook that exposed users' private data. In the latest breach to be disclosed, Facebook has warned that for a 12-day period in September, up to 6.8 million users' private photos may have been revealed to 1,500 apps built by 876 developers.
For the second time this year, health insurer EmblemHealth has been hit with a state financial penalty in connection with a 2016 breach that exposed Social Security numbers on mailings to more than 81,000 plan members.
Organizations are increasingly moving their mission-critical applications and data to Amazon Web Services (AWS) and taking advantage of the massive compute power of Amazon Elastic Compute Cloud (Amazon EC2).
Super Micro Computer says a third-party audit of its recent and older motherboards has not turned up evidence of a spying chip as alleged in an explosive report two months ago by Bloomberg BusinessWeek. Bloomberg, however, has stood by its story despite no physical example of the malicious chip turning up.