Privacy Attorney Lisa Sotto says the Epsilon e-mail breach is a warning about the state of data security employed by some third-party service providers. Strong contracts related to security practices must be the norm, not the exception.
"Persistent" is the operative word about the advanced persistent threat that has struck RSA and its SecurID products. "If the bad guys out there want to get to someone ... they can," says David Navetta of the Information Law Group.
"It is the biggest breach we have ever seen; and to say no financial information has been stolen is, well, understating the massive breach and concern," says Neil Schwartzman, founder and chief security specialist at CASL Consulting.
A California hospital is notifying more than 514,000 patients of a breach of a limited amount of personal information stemming from the theft of an unencrypted computer.
After the revelation of Operation Aurora, the term began to take on a different meaning. "In essence," IBM's X-Force report says, "APT became associated with any targeted, sophisticated or complex attack regardless of the attacker, motive, origin or method of operation."
Three recent breach incidents, each involving the loss or theft of back-up drives, illustrate that some organizations are doing a better job than others in informing consumers about the steps they're taking to prevent more breaches.
Although many organizations are using encryption to protect data on mobile devices, they're often overlooking other important ways to prevent health information breaches, says Terrell Herzig, information security officer at UAB Medicine.
An Illinois childcare agency has articulated a revised security policy, including the use of encryption, in announcing a breach involving the apparent theft of three back-up unencrypted portable hard drives.
Users of RSA's SecurID two-factor authentication products, acting on advice from the company, are devising strategies to monitor for threats and take preventive steps in the aftermath of a hacker attack against the products.
The American National Standards Institute is teaming up with the Shared Assessments Program to create a report offering healthcare information breach prevention tips.
RSA executives haven't been commenting publicly since the security solutions vendor revealed last week it had been victimized by a sophisticated cyberattack aimed at its SecurID two-factor authentication product. But weeks before the hack, I spoke with RSA Chief Technology Officer Bret Hartman about advanced...
RSA has sent a detailed letter to its clients regarding the recent attack against its SecurID two-factor authentication products. It's also hosting customer information calls this week.
As part of its outreach to customers in the wake of the SecurID breach, security solutions vendor RSA has issued a Customer FAQ. Here is an excerpt of that document, as shared with Information Security Media Group by RSA customers.
Marcus Ranum isn't just a well-regarded information security expert. He's also a customer of the RSA SecurID product, and he's got some strong feelings about the RSA breach and how the industry has responded to it.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.