In many healthcare entities, the amount of data that is being generated and retained continues to grow - and that mounting trove of legacy data is often never disposed, expanding the surface for cyberattacks and other compromises, says Matthew Bernstein of consulting firm Bernstein Data.
Fintech company Block faces a putative class action demanding damages for customers affected by a 2021 data breach that affected 8.2 million individuals. The company, formerly known as Square and co-founded by former-Twitter CEO Jack Dorsey, disclosed the breach in April.
The ongoing COVID-19 pandemic continues to fuel new opportunities for cybercriminals, malicious insiders and other adversaries who are posing new security threats to the privacy of patient health data, says attorney Erik Weinick of law firm Otterbourg P.C.
Retailer Sephora has been fined $1.2 million as part of a settlement agreement with California's attorney general, over accusations that it violated the California Consumer Privacy Act by failing to disclose that it was selling customers' data and not honoring their opt-out requests.
The latest edition of the ISMG Security Report discusses how ransomware-as-a-service groups are shifting their business models, how investigators battling cybercrime have been hindered by GDPR, and how employees consider workplace "choice" a key factor for job satisfaction.
Cybersecurity experts have been reacting to industry veteran Peiter Zatko's allegations of poor information security practices at Twitter, with many noting that he's hardly the first expert to have been hired to remedy serious problems, only to say they were prevented from doing their job.
A breach investigation into an incident initially appearing to affect only one individual has turned into a $300,640 HIPAA settlement for a dermatology practice that was subsequently discovered to be improperly disposing many patient information for more than a decade.
An online search by cybersecurity firm Cyfirma found more than 80,000 unpatched cameras made by Hangzhou Hikvision Digital Technology Co. Attackers could exploit the vulnerability to add the cameras to a botnet or as a launching point for lateral movement deeper into the camera operator's network.
Twitter's former security chief, Peiter Zatko, aka "Mudge," filed a whistleblowing complaint against the social media giant with the U.S. Securities and Exchange Commission, alleging that "extreme, egregious deficiencies" in its cybersecurity remain unresolved.
Ransomware karma: The notorious LockBit 3.0 ransomware gang's site has been disrupted via a days-long distributed-denial-of-service attack, with administrator LockBitSupp reporting that it appears to be retribution for the gang leaking files stolen from a recent victim: security firm Entrust.
Implementation of security service edge technology has progressed over the past six months from early adopters to mainstream organizations, with requests for proposals around SSE projects now carrying tight deadlines rather than no deadline at all, says iboss co-founder and CEO Paul Martini.
The Identity Theft Resource Center's new report shows a 1,044% increase in social media account hijacking. Banking fraud is also rising, with scammers focusing on using stolen personal data to open new banking and credit card accounts in victims' names, says COO James Lee.
Four ISMG editors discuss how security leaders determine the right level of security for the business, the growing risk of business ID theft to enterprises, and the arrest of a developer suspected of working for cryptocurrency mixing service Tornado Cash, for "facilitating money laundering."
The extremely diverse architectures and systems within the tens of thousands of very specialized types of medical devices used in clinical settings adds to the complexity healthcare organizations and manufacturers face in managing cybersecurity risk for these products, says Phil Englert of H-ISAC.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.