State regulators fined a New York hospital $300,000 to settle privacy violations related to the organization's prior use of tracking tools in its websites and patient portal. Regulators said the hospital violated HIPAA rules in sharing patient information with third parties for marketing purposes.
The European Central Bank beginning this month will conduct cyber stress tests on banks to determine their resilience against cyberattacks. The agency is requiring 109 banks in Europe to perform vulnerability assessments and incident response evaluations by mid-2024.
Hackers celebrated the year-end holidays with a malicious "Free Leaksmas" posting on the dark web, releasing 50 million stolen consumer records, including credit card information. Researchers said the leaked data can be used for identity theft and fraud.
As we bid farewell to 2023, Philip Reitinger, president and CEO of the Global Cyber Alliance, reflected on the state of global cyber hygiene, shedding light on what's working, what needs improvement, and the transformative shifts necessary to achieve a cyber-secure future.
Joe Kim, president and CEO of Sumo Logic, delved into the company's strategic shifts and future priorities after its acquisition by Francisco Partners this year. The company is now focusing on areas such as cloud-native scalability, technological advancements and a customer-centric approach.
Looking ahead to 2024, cybersecurity professionals and experts in artificial intelligence shared with ISMG their hopes for strong, responsible regulations and new partnerships with private sector stakeholders and international collaborators to keep pace with the evolving threat landscape.
In conjunction with a new report from CyberEd.io, Information Security Media Group asked some of the industry's leading cybersecurity and privacy experts about 10 top trends to watch in 2024. Ransomware, emerging AI technology and nation-state campaigns are among the top threats.
It's time for companies dealing with non-HIPAA-regulated health information to plan their compliance with Washington state's My Health My Data Act, which goes into effect in the new year and affects organizations that are based in other states, said attorney James Hennessy of law firm Reed Smith.
Microsoft has deactivated a tool designed to simplify the installation of Windows applications after hacking groups began exploiting the functionality to distribute malware loaders, leading to infections involving backdoors and ransomware.
Emerging geopolitical rivalry in the Asia-Pacific region made cybercrime a handy tool for nations to mount disruptive attacks on their rivals in 2023, forcing many countries to double down on cyber defense plans. Here's how some of the leading APAC countries responded to growing threats.
Educational institutions are prime targets for ransomware and other cyberattacks due to their open nature and troves of sensitive data, requiring continuous investment in cyber defenses and strong security practices, said Steve Zuromski, CIO at Bridgewater State University in Massachusetts.
Google reached a preliminary settlement in a class action lawsuit that alleged the tech giant had misled consumers about their privacy protections when using the private browsing Incognito mode of its Chrome web browser. The settlement came on the heels of a court ruling clearing the case for trial.
This week, a breach at real estate firm Wealth Network exposed 1.5 billion records, Corewell Health patients were hit by a second breach, data of 1.3M LoanCare mortgage customers was exposed, and Yakult Australia admitted to experiencing a "cybersecurity incident" that exposed 95 gigabytes of data.
Legacy medical gear continues to pose big cyber challenges to healthcare entities. A joint report by the Food and Drug Administration and MITRE Corp. emphasizes the importance of entities taking a consistent risk-based approach to managing these and other devices, said Jessica Wilkerson of the FDA.
The U.S. Department of Defense released a draft of a long-awaited proposed rule for the Cybersecurity Maturity Model Certification program that aims to simplify compliance, enhance public-private coordination and better protect sensitive information from cyberthreats.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.