Sutter Health's revelation that a former employee inappropriately sent patient information to a personal email account in violation of the organization's policy is yet another reminder of the privacy risks posed by email communication.
The U.S. payments infrastructure will come up far short of completing the rollout of EMV technology by the Oct. 1 fraud liability shift date. Experts say high costs, a perceived lack of consumer demand and doubts about EMV's ability to significantly reduce card fraud are to blame.
The latest revelation of a cyber-attack against a health insurer - this time Excellus BlueCross BlueShield - illustrates why it's so important for healthcare organizations to frequently scrutinize systems for intrusions. Experts offer analysis.
A password-cracking group claims that, because of coding errors made by Ashley Madison's developers, it has been able to recover 11.2 million users' plaintext passwords. The group believes that up to 15 million of the dating site's passwords can be easily cracked.
Yet another health insurer - Excellus BlueCross BlueShield - has belatedly discovered that its systems were hacked. The breach potentially exposed information on 10.5 million individuals, was discovered in August, but appears to have begun in 2013.
Mozilla, which maintains the Firefox browser, says an attacker infiltrated its bug-tracking tools, stole information on an unpatched flaw, and exploited users for at least three weeks, before the flaw was patched.
Sony Pictures Entertainment has reached a tentative deal to settle a class-action lawsuit filed against it, stemming from its 2014 data breach, which resulted in the leak of personal information for up to 50,000 employees.
The HHS Office for Civil Rights is getting closer to resuming the HIPAA compliance audit program, says OCR Director Jocelyn Samuels. Plus, OCR has completed another major breach-related settlement, and it's firming up plans for several new compliance-related initiatives.
The U.S. Office of Personnel Management promises that it will soon notify 21.5 million individuals that their background-check information was breached. Meanwhile, the government has lined up notification and response services for future needs.
Information security experts offer two timely Apple iOS device reminders: First, never jailbreak the devices. Second, enterprise security managers must ensure that they ruthlessly block any jailbroken devices from accessing corporate networks because they pose a security risk.
Former U.S. Secret Service agent Shaun W. Bridges has pleaded guilty to stealing $820,000 worth of bitcoins during the U.S. government's investigation into the underground narcotics marketplace known as "Silk Road."
The FBI estimates fraud losses linked to so-called business email compromise scams worldwide have exceeded $1.2 billion in less than a year. But some financial fraud experts say the losses from this largely overlooked threat could be even higher.
The departure of Noel Biderman as CEO of Avid Life Media, parent company of the infidelity website Ashley Madison, represents a growing recognition of corporate executives' responsibility for data security.