The Retail Industry Leaders Association is battling against passage of a national data security and breach notification bill known as the Data Security Act of 2015, arguing it would unreasonably require retailers to meet some of the same security standards as banks, says Austen Jensen, a RILA vice president.
Now that both the FBI and the FFIEC have issued alerts calling attention to the risks associated with interbank messaging and wholesale payments in the wake of SWIFT-related heists, U.S. institutions should brace for more regulatory scrutiny of bank-to-bank payments, financial fraud experts say.
HIPAA has long provided patients with the right to access their own "designated record set" of protected health information. But federal regulators are on a campaign to help patients and healthcare organizations understand records access rights, as well as the related privacy risks.
Asking how many different technologies consumers will tolerate when it comes to paying for their goods and services is a bit like asking how many more superheroes moviegoers will countenance in the latest "Avengers" film.
Is SWIFT now playing good cop/bad cop? While it initially promised to not police the financial services industry, it's now considering training auditors and suspending banks found to have poor information security practices.
Since the theft of $81 million from the central bank of Bangladesh came to light in February, investigators have continued to probe similar SWIFT-related attacks against four other financial services firms, dating back to at least 2013.
A Bangladesh probe says that an insider may have assisted attackers in perpetrating the $81 million cyber heist against Bangladesh Bank. SWIFT has unveiled new security measures to help other banks, but security experts say more will be needed.
A Japanese ATM cash-out scheme that stole $19 million from South Africa's Standard Bank in less than three hours illustrates why devising better ways to mitigate the risks posed by such schemes must be a priority for financial institutions in markets - including the U.S. - that still rely on mag stripe debit cards.
LinkedIn failed to force all users to reset their passwords after a 2012 breach of at least 6.5 million credentials came to light. But it turns out the breach actually compromised 167 million accounts. Whoops.
After blaming a recent spate of bank robberies on banks' poor information security practices, SWIFT has changed its tune. Now it says it wants to help financial firms spot related fraud and better share information about unfolding threats.
Walmart's lawsuit against Visa, which claims the card brand is unfairly preventing retailers from requiring that customers enter PINs when they conduct EMV debit transactions, poses important questions about fair business practices, says Liz Garner of the Merchant Advisory Group.
Another series of SWIFT-enabled hack attacks against a bank has come to light, following the theft of $81 million from the central bank of Bangladesh and SWIFT warning that other banks are also being targeted.
Ransomware, regulations, botnets, information sharing and policing strategies were just some of the topics that dominated the "International Conference on Big Data in Cyber Security" hosted by Edinburgh Napier University in Scotland.
The federal tally of major health data breaches is littered with hundreds of incidents blamed on business associates that affected a total of tens of millions of individuals. But vendor involvement in breaches is probably actually a lot worse than what's reflected on the HHS tally.