The Department of Homeland Security confirms that "a potential intrusion" of the Office of Personnel Management's network occurred in March but says officials have not identified any loss of personally identifiable information.
In this week's breach roundup, read about the latest incidents, including a clerical error at a medical center that resulted in letters containing personal information being sent to the wrong recipients.
Criminals have begun targeting ATMs in Western Europe using malware, as well as a new generation of stealthier skimmers designed to capture card data and PIN codes. But the stolen data is often used for fraud elsewhere, especially the U.S.
Attorneys for Target have requested a halt in the discovery process for class action lawsuits stemming from the retailer's December 2013 data breach until the court can consider its forthcoming motions to dismiss most of the suits.
Bob Russo, long-time general manager of the PCI Council, will retire at the end of the year. Stephen Orfei, his replacement, will take the helm in September. Security experts analyze the potential impact of the change.
The "Bolware" malware gang has used Web injection and "man-in-the-browser" techniques to steal up to $3.75 billion. The attack campaign demonstrates how easily attackers anywhere in the world can commit browser-based fraud.
Oracle has stopped supporting XP, but promises the next update for Java 7 -- though not Java 8 -- will still run on XP. But for how long will this continue? Security experts chart XP's "downward spiral."
Leading this week's industry news roundup, Easy Solutions partners with Q2 to provide virtual banking solutions, while Lockheed Martin releases a new version of the Industrial Defender Automation Systems Manager.
The "Energetic Bear," a.k.a. "Dragonfly," hacking campaign targets U.S. and Western European energy firms. While the hackers appear to be backed by Russia, the purpose of their attacks remains unclear.