Federal regulators have issued a final version of a strategic health IT plan for 2015 to 2020 designed to help guide government activities. But some experts say the plan is thin on privacy and security measures, such as the need to update HIPAA to address evolving cyber threats.
Responding to U.S. government criticism of China over its persistent online economic espionage campaigns, Chinese President Xi Jinping says that the Chinese government does not hack other nations, or support Chinese companies that do so, and calls for those responsible for cyberattacks to be prosecuted.
A lawsuit has been filed in the aftermath of a hacker attack on Excellus BlueCross BlueShield that potentially exposed information on 10.5 million individuals. Meanwhile, an Illinois court has dismissed more claims in the consolidated case against Advocate Health in the wake of a 2013 breach.
Apple is moving to contain an outbreak of malicious apps being distributed via its official App Store that were infected with XcodeGhost malware. Hundreds of apps and millions of users were reportedly infected.
A second Russian has pleaded guilty in connection with the largest U.S. hacking scheme, which compromised more than 160 million payment card numbers. But three other alleged conspirators have yet to be arrested.
A Russian hacker who was extradited to the United States earlier this year has admitted his role in the largest hack attack in U.S. history, which resulted in the theft of 160 million payment card numbers. Find out how much time he could spend in prison under his plea agreement.
Sutter Health's revelation that a former employee inappropriately sent patient information to a personal email account in violation of the organization's policy is yet another reminder of the privacy risks posed by email communication.
The U.S. payments infrastructure will come up far short of completing the rollout of EMV technology by the Oct. 1 fraud liability shift date. Experts say high costs, a perceived lack of consumer demand and doubts about EMV's ability to significantly reduce card fraud are to blame.
The latest revelation of a cyber-attack against a health insurer - this time Excellus BlueCross BlueShield - illustrates why it's so important for healthcare organizations to frequently scrutinize systems for intrusions. Experts offer analysis.
A password-cracking group claims that, because of coding errors made by Ashley Madison's developers, it has been able to recover 11.2 million users' plaintext passwords. The group believes that up to 15 million of the dating site's passwords can be easily cracked.
Yet another health insurer - Excellus BlueCross BlueShield - has belatedly discovered that its systems were hacked. The breach potentially exposed information on 10.5 million individuals, was discovered in August, but appears to have begun in 2013.
Mozilla, which maintains the Firefox browser, says an attacker infiltrated its bug-tracking tools, stole information on an unpatched flaw, and exploited users for at least three weeks, before the flaw was patched.
Sony Pictures Entertainment has reached a tentative deal to settle a class-action lawsuit filed against it, stemming from its 2014 data breach, which resulted in the leak of personal information for up to 50,000 employees.
The HHS Office for Civil Rights is getting closer to resuming the HIPAA compliance audit program, says OCR Director Jocelyn Samuels. Plus, OCR has completed another major breach-related settlement, and it's firming up plans for several new compliance-related initiatives.