The latest revelation of a cyber-attack against a health insurer - this time Excellus BlueCross BlueShield - illustrates why it's so important for healthcare organizations to frequently scrutinize systems for intrusions. Experts offer analysis.
A password-cracking group claims that, because of coding errors made by Ashley Madison's developers, it has been able to recover 11.2 million users' plaintext passwords. The group believes that up to 15 million of the dating site's passwords can be easily cracked.
Yet another health insurer - Excellus BlueCross BlueShield - has belatedly discovered that its systems were hacked. The breach potentially exposed information on 10.5 million individuals, was discovered in August, but appears to have begun in 2013.
Mozilla, which maintains the Firefox browser, says an attacker infiltrated its bug-tracking tools, stole information on an unpatched flaw, and exploited users for at least three weeks, before the flaw was patched.
Sony Pictures Entertainment has reached a tentative deal to settle a class-action lawsuit filed against it, stemming from its 2014 data breach, which resulted in the leak of personal information for up to 50,000 employees.
The HHS Office for Civil Rights is getting closer to resuming the HIPAA compliance audit program, says OCR Director Jocelyn Samuels. Plus, OCR has completed another major breach-related settlement, and it's firming up plans for several new compliance-related initiatives.
The U.S. Office of Personnel Management promises that it will soon notify 21.5 million individuals that their background-check information was breached. Meanwhile, the government has lined up notification and response services for future needs.
Information security experts offer two timely Apple iOS device reminders: First, never jailbreak the devices. Second, enterprise security managers must ensure that they ruthlessly block any jailbroken devices from accessing corporate networks because they pose a security risk.
Former U.S. Secret Service agent Shaun W. Bridges has pleaded guilty to stealing $820,000 worth of bitcoins during the U.S. government's investigation into the underground narcotics marketplace known as "Silk Road."
The FBI estimates fraud losses linked to so-called business email compromise scams worldwide have exceeded $1.2 billion in less than a year. But some financial fraud experts say the losses from this largely overlooked threat could be even higher.
The departure of Noel Biderman as CEO of Avid Life Media, parent company of the infidelity website Ashley Madison, represents a growing recognition of corporate executives' responsibility for data security.
The FBI has arrested a former manager at Machine Zone, which makes the multiplayer "Game of War: Fire Age," over allegations that he attempted to bargain sensitive corporate information for a better severance package.
An appellate court has upheld the Federal Trade Commission's authority to play a key regulatory role in cybersecurity as it relates to the protection of consumer data against breaches. Legal experts evaluate the long-term implications.
Breached dating site Ashley Madison is offering a $500,000 reward for information relating to the attack. The FBI, which is leading the investigation, is treating the breach as a national-security matter.