U.S. authorities are reportedly investigating whether Yahoo should have notified investors faster about two separate data breaches that it suffered in 2013 and 2014. Until last year, one breach remained undetected and the full severity of the other was not understood.
A 2015 incident involving unauthorized access to a database that healthcare professionals use to check insurance eligibility of patients appears to have resulted in a breach affecting 220,000 individuals, according to just-released details.
The number of people employed in the U.S. as information security analysts rocketed by 27 percent in 2016; it's more than doubled since 2011, when the Department of Labor's Bureau of Labor Statistics began to track that occupation category.
In its second HIPAA enforcement action for 2017, HHS has slapped an insurer with a $2.2 million settlement in the wake of a relatively small breach, citing the company's lack of timely corrective action.
Two Florida men have pleaded guilty to helping operate an unlicensed bitcoin exchange, Coin.mx, as a result of a wide-ranging government investigation into a massive scheme that involved hacking into multiple financial institutions, including JPMorgan Chase.
President Barack Obama has shortened the sentence of U.S. Army leaker Chelsea Manning, who passed classified documents to WikiLeaks. The move comes as the government grapples with the nuances of data leaks.
A small Indiana charity that provides support services to cancer patients is the latest apparent victim of a hacker identified as "TheDarkOverlord," an extortionist who has been tormenting the healthcare sector since last summer. But the organization is refusing to pay a ransom to retrieve lost data.
The National Institute of Standards and Technology has published its initial draft of its first revision to its cybersecurity framework, which is designed to help critical infrastructure operators and other organizations safeguard their digital assets.
HHS has issued new health data privacy guidance and announced a contest to create an online "model privacy notice generator." Plus, it's issued a reminder about the importance of reviewing and securing audit logs to help prevent and detect breaches.
England's largest health trust has been hit by a suspected cyberattack that led to IT administrators taking many systems offline at four hospitals in London while the matter gets investigated. The trust says it has not yet determined whether the disruption was malicious, but it has ruled out ransomware.
Yet another power blackout in Ukraine was the result of attackers striking via spear-phishing emails and malware, researchers have confirmed. Ukraine's president blamed the campaign on Russia and said it disrupted a number of critical infrastructure targets.
President-elect Donald Trump says he accepts the assessment of the U.S. intelligence community that Russia President Vladimir Putin directed cyberattacks against Democratic Party computers and a social media campaign in an attempt to influence the results of the U.S. presidential election.
The U.S. Federal Trade Commission has filed a complaint against router and camera manufacturer D-Link for allegedly failing to secure its products. Experts say it's the opening salvo in what could be a long-term battle to fix IoT devices.