Investigations of two apparently unrelated phishing-related breaches that affected members of Presbyterian Health Plan have revealed the incidents had an even bigger and broader impact than originally thought. This underscores the challenges organizations can face when assessing the true impact of breaches.
Organizations that suffer a security incident must be prepared to rapidly respond. Here are eight incident response essentials they must follow, from executing their breach response and notifying stakeholders to activating external service providers and working with regulators.
Surviving a data breach requires having a plan, and experts say such plans must be continually tested, practiced and refined. They describe seven essential components for building an effective data breach response playbook.
Digital streaming platform Mixcloud says it's the victim of a data breach after an attacker shared personal data for registered users with several media outlets, including Vice and ZDNet. The data on 21 million users is for sale in an underground market.
Adobe says its e-commerce Magento Marketplace has been breached, exposing usernames, email addresses and more. The software giant has yet to detail how many users were affected or the breach duration. Unfortunately, the stolen data could be used to fuel phishing attacks.
South Korean cryptocurrency exchange Upbit says hackers have stolen $49 million worth of ethereum, in what is the year's seventh major cryptocurrency heist. Much of the $158 million stolen so far this year is likely fueling the North Korean regime's appetite for luxury goods and weapons of mass destruction.
Macy's says hackers successfully infiltrated its e-commerce website and planted rogue JavaScript, enabling them to steal customer data, including payment card information. Macy's says the breach has been contained and all stolen card numbers shared with card issuers.
The White House has developed protocols for notifying the public of nation-state hacking or other interference during the 2020 presidential election cycle. But the full framework has not yet been released.
Hacker attacks, IT mishaps and vendor errors are among the top causes of the largest health data breaches added to the official federal tally so far this year. Here's an update.
A misconfigured billing system that caused a mailing mishap affecting nearly 83,000 individuals has prompted Texas Health Resources to file 15 breach reports to federal regulators - one for each hospital involved.
A Utah eye clinic began notifying thousands of patients last week about a 2018 breach involving a third-party portal provider. What should other healthcare organizations learn from this incident?
Two hackers have pleaded guilty in connection with an extortion campaign tied to the theft of data on about 57 million Uber customers and drivers. The incident led to a massive fine against the ride-sharing company for its tardy breach notification and weak security.
Federal regulators have smacked Jackson Health System with a $2.1 million civil monetary penalty for a series of HIPAA violations. The case is one of only a handful in which the nation's HIPAA enforcement agency imposed such a penalty, rather than reach a settlement. What can others learn from this case?
The Philadelphia Department of Public Health inadvertently exposed on its website the records of thousands of hepatitis patients, according to a local news report. The incident points to the need for better staff training, one expert says.
Personalized product retailer CafePress has been hit with a lawsuit alleging that it failed to notify 23 million customers about a data breach in a timely manner or follow security best practices. The company was allegedly still using outdated SHA-1 to hash passwords, which can be easily cracked.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
