The latest edition of the ISMG Security Report discusses how the leader of a "transnational cybercrime syndicate" has been arrested in Nigeria, according to Interpol. It also shares updates on U.S. privacy laws and how we can improve collaboration as an industry.
A $150 million penalty has been slapped on Twitter for deceptively using account security data of millions of users for targeted advertising, the U.S. Justice Department and the Federal Trade Commission say. Twitter says it has paid the fine and ensured that personal user data is secure and private.
Mark Zuckerberg, CEO of Facebook parent Meta, is being sued for failing to protect users of the social media platform during the Cambridge Analytica privacy scandal. The lawsuit on behalf of the District of Columbia was initiated by Washington, D.C. Attorney General Karl A. Racine.
The list of ophthalmology practices and the number of individuals affected by a December hacking incident at a cloud-based electronic health records vendor, which resulted in deleted databases, are growing as more details about the attack slowly emerge.
Ransomware group Conti, which has been holding to ransom crypto-locked Costa Rican government systems since April, has claimed on its leak site Conti News that it has "insiders" in the country's government, and that they are working toward the compromise of "other systems."
A new initiative aims to create a standards-based nationwide patient credential and matching ecosystem to ultimately improve matching patients with their electronic health information, says Scott Stuewe, CEO of DirectTrust, the nonprofit, vendor-neutral organization that is leading the effort.
In the latest "Proof of Concept," Lisa Sotto, Jeremy Grant and ISMG editors discuss the significance of Apple, Google and Microsoft supporting the FIDO protocol's passwordless sign-in standard, progress made on Biden's cybersecurity executive order and updates on U.S. cybersecurity and privacy laws.
In its most recent assault against a healthcare entity, ransomware-as-a-service operator AvosLocker claims to be behind an attack allegedly involving data theft from Texas-based CHRISTUS Health, which operates hundreds of healthcare facilities in the U.S., Mexico and South America.
A recent ransomware attack disclosed by a medication management systems provider is the latest reminder of persistent cybersecurity threats and risks facing healthcare supply chain and related vendors, as well as their customers. What's at stake?
The European Parliament has granted Europol permission to receive and process datasets from private parties and pursue research projects for better handling of security-related cases. Use of these powers will be overseen by the European Data Protection Supervisor and the Fundamental Rights Officer.
Researchers say an unsecured cloud storage bucket belonging to a nonprofit cancer organization has exposed to the internet sensitive images and related data of tens of thousands of individuals. The mishap is the latest health data-related incident involving misconfigured information technology.
Connecticut has just become the fifth U.S. state to get a comprehensive data privacy and online monitoring law, as Senate Bill No. 6 passed into law on Wednesday. The law will go into effect on July 1, 2023, which means that organizations in the state have just 14 months to prepare for compliance.
John Riggi, national adviser for cybersecurity at the American Hospital Association, and Carolyn Crandall, chief security advocate at Attivo Networks, explain why threats involving the Russia-Ukraine war are exacerbating cybersecurity pressures on healthcare sector entities in the U.S. and globally.
Smartphones used by Spain's prime minister and defense minister were infected with Pegasus spyware built by Israel's NSO Group, government officials allege. The discovery follows human rights researchers finding Pegasus infections targeting Catalonians, likely traceable to the Spanish government.