Illegal transactions on the internet have long been conducted in the cryptocurrency bitcoin. But underground vendors are accepting new kinds of virtual currency that may be safer to store and offer more privacy protections, according to a new study of 150 dark web markets and forums.
Uber CISO John Flynn tells a U.S. Senate subcommittee that the company should have told the public sooner about its 2016 data breach. He says the company's attempt to position its $100,000 payoff to hackers as a bug bounty was not appropriate.
A malware incident at Partners HealthCare that was detected last spring but was only recently determined to have exposed patient data illustrates that confirming a data breach through a forensics investigation can be difficult and time-consuming.
The number of data breaches reported by U.S. organizations reached an all-time high last year. In 2017, organizations that described how bad their breach was - and one-third did not - collectively lost 14 million payment cards and 158 million Social Security numbers, according to the Identity Theft Resource Center.
So far in 2018, 15 health data breaches have been reported to federal regulators, affecting a combined total of nearly 391,000 individuals. But why are incidents involving ransomware still so rare on the federal health data breach tally?
Coincheck, a Tokyo-based exchange, says it suffered a hack attack that led to the theft of $530 million worth of XEM cryptocurrency from its hot wallet. But the developers of XEM say they are tagging all accounts that receive the stolen funds to stop it from being converted to cash.
Data broker Equifax has released a revised count of U.K. victims of its massive 2017 data breach, now saying 860,000 residents had their personal details exposed. The data broker is offering its own fraud-monitoring services to breach victims, provided they share their personal details.
Jason's Deli is the latest business in the hospitality or retail sector to warn that attackers used malware to steal customers' card details. The restaurant chain says 2 million payment cards were stolen from 164 restaurants during the seven-month breach.
While a draft "trusted exchange framework" unveiled last week by federal regulators includes proposed components that could raise the bar for the security of health data exchange, some experts caution that elements included in the final document should not be overly prescriptive.
Personal details for 30,000 Medicaid recipients in Florida may have been exposed after a government employee fell victim to a phishing attack, state officials warn. The information could potentially be used to file false Medicaid claims.
Apparel retailer Forever 21 says point-of-sale systems in some stores were infected by malware for up to seven months, leading to the theft of customers' payment card data. The retailer says deactivated encryption technology on some POS devices exacerbated the severity of its breach.
Information security truisms: 2017 was the year of more cybersecurity - more attacks, more spending, more defenses, more breaches - and 2018 will see more of everything "cyber," plus GDPR enforcement, proxy wars online and more.
The U.S. Securities and Exchange Commission is planning to update its 6-year-old cybersecurity guidance for how publicly traded firms report data breaches to investors. Experts expect the refined guidance to cover insider trading program rules, breach notifications and business models.
Nissan Canada Finance, which provides financing for Nissan and Infiniti vehicle buyers and leasers, is warning 1.13 million current and former customers that their personal information may have been stolen.