A report that a Russian hacker group dubbed "CyberVor" is hoarding more than 1 billion stolen passwords triggered worldwide concern, but security experts caution that scant details have been revealed, making the threat tough to judge.
The Office of the National Coordinator for Health IT's initial oversight of organizations authorized to test and certify electronic health records software did not adequately ensure that patient data within EHRs is secure, a new report concludes.
Today's sophisticated attackers use ever-stealthier malware and zero-day exploits to evade traditional security defenses, making organizations increasingly vulnerable to advanced persistent threats (APTs). These APTs seek to exfiltrate critical data over the long term.
A Russian cyber gang has breached over 420,000 web and FTP sites to pilfer over 1.2 billion credentials, according to Hold Security, saying it discovered "what could be arguably the largest data breach known to date."
Target Corp.'s net breach expenses not covered by insurance are expected to total $146 million for its most recent three quarters following the company's massive December 2013 data breach that compromised payment card information.
Cybersecurity researchers at the Georgia Tech Research Institute are developing a tool known as BlackForest that amasses information from the Internet to give organizations an early warning of a pending cyber-attack.
Among the major data breaches reported during the week of July 28 was an incident at Irish online gambling site Paddy Power that impacted 650,000 customers. View this week's infographic of the top five breaches for the week.
To fill a gap in professional development and educational resources for healthcare information security leaders, the College of Healthcare Information Management Executives has launched a new offshoot group for healthcare CISOs.
A U.S. federal court judge has upheld a warrant requiring Microsoft to give the Justice Department copies of e-mails being stored at a data center in Dublin. But Microsoft plans to appeal the ruling on privacy grounds.
A U.S. appeals court has agreed to hear Wyndham Worldwide's appeal regarding what authority the FTC has over corporate data security. The dispute stems from a suit the FTC brought against the hotel chain following three payment card data breaches.