Efforts to exploit U.S. election security continue, and China, Russia, Iran and North Korea's "cyber espionage, attack and influence capabilities" pose an increasing threat, Director of National Intelligence Dan Coats told the Senate Intelligence Committee.
Information about more than 14,000 HIV patients included in a Singapore health registry was exposed online in what appears to be an inside job. The incident illustrates the importance of safeguarding sensitive health data, such as by implementing behavioral analytics.
Banks in West Africa have been targeted by at least four hacking campaigns since mid-2017, with online attackers wielding commoditized attack tools and "living off the land" tactics to disguise their efforts, Symantec warns.
Forty-three states have reached a settlement with Neiman Marcus over its 2013 data breach, one of several breaches from that period blamed on in-memory malware. The retailer will pay $1.5 million and must use encryption and tokenization to protect card data.
The Trump administration has launched a public awareness campaign, spearheaded by the National Counterintelligence and Security Center, urging the U.S. private sector to better defend itself against nation-state hackers and others who may be trying to steal their sensitive data or wage supply chain attacks.
Web portals designed to provide convenient service to consumers can pose substantial security risks, as numerous breaches in recent years have clearly illustrated. What steps can be taken to reduce those risks?
Federal regulators have slapped a company that provides contracted physicians to hospitals and nursing homes with a $500,000 HIPAA settlement in a breach case involving the lack of a business associate agreement with an individual providing billing services.
A security review of two Medicaid managed care organizations in Arizona revealed several significant access control and configuration vulnerabilities, raising concerns about whether other MCOs face similar challenges.
Marriott's mega-breach underscores the challenges companies face in securing systems that come from acquisitions as well as simply storing too much consumer data for too long, computer security experts say. Meanwhile, the hotel giant has yet to answer many pressing data breach questions.
Protecting the Department of Health and Human Services' systems, data - and program beneficiaries - from evolving cyberthreats is a top challenge for the agency, according to a new report that recommends action items.
Months after the New Jersey attorney general's office smacked a medical practice with a hefty penalty for a 2016 breach, the office has signed a $200,000 settlement with the group's business associate that was responsible for the incident and banned its owner from managing or owning a business in the state.
A coding error in a portal of the Employee Retirement System of Texas inadvertently allowed some users to view the information of others, potentially exposing information on 1.25 million of its members. Why are breaches involving coding mishaps so common?
As companies go through a digital transformation, they need to move toward real-time risk management - and artificial intelligence can play a critical role, says David Walter, vice president of RSA Archer.
The Department of Health and Human Services has updated its HIPAA security risk assessment tool to better assist small and mid-sized healthcare entities and their vendors in performing a comprehensive risk analysis. But why is conducting a risk assessment so challenging for so many?