After settling a breach lawsuit for $17.2 million, Aetna has signed another large settlement related to privacy breaches involving mailings to its health plan members. The latest settlement with the New York state attorney general's office involves two mailings last year.
Blockchain holds potential for supporting secure health data exchange, but it has limitations that organizations need to keep in mind, says Intel's David Houlding in this in-depth interview on the technology.
Data broker Equifax has released a revised count of U.K. victims of its massive 2017 data breach, now saying 860,000 residents had their personal details exposed. The data broker is offering its own fraud-monitoring services to breach victims, provided they share their personal details.
A mailing error can have huge consequences. Case in point: Aetna has agreed to a $17.2 million settlement of a class action lawsuit filed after a data breach involving HIV drug information that was visible through envelope windows on thousands of letters.
Jason's Deli is the latest business in the hospitality or retail sector to warn that attackers used malware to steal customers' card details. The restaurant chain says 2 million payment cards were stolen from 164 restaurants during the seven-month breach.
This edition of the ISMG Security Report takes a look at how ready healthcare organizations are for GDPR compliance. Also featured: comments from Alberto Yepez of Trident Capital on the 2018 outlook for information security companies and a summary of the latest financial fraud trends.
Mobile phone retailer Carphone Warehouse has been hit with one of the largest fines ever imposed by Britain's data privacy watchdog after an attacker breached its outdated WordPress installation, exposing 3 million customers' and 1,000 employees' personal details.
One of the most alarming breaches of 2015, involving Hong Kong toymaker VTech, has resulted in a $650,000 settlement with the U.S. Federal Trade Commission. It's a warning that internet of things security shortcomings - especially involving children's personal data - will have business consequences.
The U.S. Department of Homeland Security says nearly 250,000 federal employees' personal details were exposed in a 2014 breach of its Office of Inspector General's case management system. Witness testimony and an unknown number of nonemployees' personal details also were exposed.
Information security truisms: 2017 was the year of more cybersecurity - more attacks, more spending, more defenses, more breaches - and 2018 will see more of everything "cyber," plus GDPR enforcement, proxy wars online and more.
New York-Presbyterian has more than 72,000 medical devices from over 1,400 manufacturers, says CISO Jennings Aske. Given that scale, how can a security leader help ensure device cybersecurity? Aske shares his view of what's needed from manufacturers and the government.
The U.S. Food and Drug Administration issued cybersecurity expectations for manufacturers of medical devices. But ow are those expectations being met, and what is the FDA's ongoing role in improving device security? The FDA's Suzanne Schwartz offers an update.
Fraudsters recently ordered a total of nine iPhones and Samsung S8s from Sprint and Verizon with my personal details. With the internet awash in stolen personally identifiable information, are mobile operators doing enough to prevent fraudulent orders?
It's been seven years since Dale Nordenberg, a pediatrician, became involved in the drive to improve medical device security. What progress does he see among manufacturers, government agencies and healthcare providers?