The HHS Office for Civil Rights, which enforces HIPAA, is urging healthcare organizations and business associates to take steps to better address vulnerabilities in third-party software applications that pose a risk to patient data security.
Cybercrime continues to be incredibly lucrative. Yet many of the techniques being wielded by connected criminals aren't new, said security expert Mikko Hypponen of F-Secure in a keynote speech at this week's Infosec Europe conference in London.
Akamai warns of a rash of less sophisticated attempts to extort companies by threatening to strike with distributed denial-of-service attacks, which can be expensive for organizations to defend against.
An lawsuit filed by a medical tourism firm against its web hosting provider highlights issues that healthcare organizations need to consider in their relationships with business associates, including cloud services providers.
The theft of an unencrypted laptop that may have contained information on up to 400,000 inmates who served time in California prisons has been added to the federal tally of health data breaches. Experts say notifying all those potentially affected could prove challenging.
TeamViewer is strengthening the security of its remote access application after an uptick in account takeovers that the company says is the result of hackers reusing account credentials from recent data breaches.
Will a federal appellate court ruling in favor of a Minnesota bank that sued its insurer for coverage of costs associated with a fraudulent wire transfer have a big impact on similar cases? Experts offer an analysis.
The theft of a backpack holding a laptop computer and paper documents containing medical information on perhaps thousands of NFL players serves as a lesson in the importance of safeguarding all health information, even for entities falling outside of HIPAA's reach.
Russian police have arrested 50 people in connection with an investigation into a hacker group suspected of unleashing a five-year series of malware-enabled hack attacks on major Russian financial institutions and stealing $25 million.
A federal judge has cleared the way for a class-action lawsuit filed by card issuers against Home Depot over the retailer's massive 2014 payments breach to proceed. In making the ruling, the judge noted that the banks' allegations regarding the retailer's security negligence appear to have merit.
Since the theft of $81 million from the central bank of Bangladesh came to light in February, investigators have continued to probe similar SWIFT-related attacks against four other financial services firms, dating back to at least 2013.
MySpace has confirmed it is resetting millions of accounts affected by the release of 360 million usernames, email addresses and passwords. According to one expert, more of these types of big breach announcements may be coming.