Heartland Payment Systems hacker Albert Gonzalez seeks to overturn his conviction and 20-year sentence, a record for a computer breach, maintaining he committed his crimes with the knowledge of his Secret Service handlers.
The Epsilon e-mail breach has opened the door for what experts fear could be 'massive spear phishing attacks.' Here are 7 security tips to help organizations protect themselves and their customers.
Two Connecticut state agencies are investigating a health information breach incident at Midstate Medical Center that may have compromised information on 93,500 patients.
A Connecticut hospital is notifying 93,500 of its patients about a breach incident involving data that was downloaded to a personal hard drive in violation of the organization's policies.
The federal government's official tally of major health information breaches now confirms the recent Health Net incident affected 1.9 million individuals, making it the largest breach on the list. Meanwhile, at least four state agencies are now investigating the incident.
When it comes to e-marketing and the reliance on third parties such as Epsilon, Nicolas Christin of Carnegie Mellon University says banks and merchants should "come clean" about the information they share with outside entities.
Communicating with customers about the incident and warning them not to click links in phishing e-mails are all these impacted institutions and companies really can do, says Jeremiah Grossman, chief technology officer of WhiteHat Security.
Privacy Attorney Lisa Sotto says the Epsilon e-mail breach is a warning about the state of data security employed by some third-party service providers. Strong contracts related to security practices must be the norm, not the exception.
"Persistent" is the operative word about the advanced persistent threat that has struck RSA and its SecurID products. "If the bad guys out there want to get to someone ... they can," says David Navetta of the Information Law Group.
"It is the biggest breach we have ever seen; and to say no financial information has been stolen is, well, understating the massive breach and concern," says Neil Schwartzman, founder and chief security specialist at CASL Consulting.
A California hospital is notifying more than 514,000 patients of a breach of a limited amount of personal information stemming from the theft of an unencrypted computer.
New authentication guidance, when it is passed down federal banking regulators, needs to pay more attention to mobile, says former Bank of America executive David Shroyer.
After the revelation of Operation Aurora, the term began to take on a different meaning. "In essence," IBM's X-Force report says, "APT became associated with any targeted, sophisticated or complex attack regardless of the attacker, motive, origin or method of operation."
Three recent breach incidents, each involving the loss or theft of back-up drives, illustrate that some organizations are doing a better job than others in informing consumers about the steps they're taking to prevent more breaches.
An Illinois childcare agency has articulated a revised security policy, including the use of encryption, in announcing a breach involving the apparent theft of three back-up unencrypted portable hard drives.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.
