The massive data breach suffered by Equifax in 2017 "was entirely preventable," according to a report released by the House Oversight Committee's Republican majority. Some Democratic lawmakers have slammed the report for failing to advance legislative or oversight changes to help prevent breaches.
The U.K.'s privacy watchdog says that six months after enforcement of the EU's General Data Protection Regulation began, it's seen a dramatic increase in data breach reports - as well as privacy complaints from the public.
A batch of documents meant to be kept under court seal lays bare Facebook's strategic brokering of access to user data to reward partners and punish potential rivals. The material also demonstrates Facebook's views at the time on privacy and the risks of leaking data.
Consumer organizations in seven countries plan to file complaints alleging that Google is violating the EU's General Data Protection Regulation via its location, web and app activity tracking, in what could be a blow to the search giant's lucrative but data-hungry targeted advertising business.
With the year nearly over, hacking attacks - especially those involving phishing and other email attacks - continue to rack up big victim counts for health data breaches reported to federal regulators in 2018.
Uber has been slammed with $1.2 million in fines by U.K. and Dutch privacy regulators for its cover-up of a 2016 data breach for more than a year. The breach exposed millions of drivers' and users' personal details to attackers, whom Uber paid $100,000 in hush money and for a promise to delete the stolen data.
Australia's Parliament has passed legislation that strengthens privacy protections for My Health Record, the country's embattled digital medical records program. But questions remain about whether the changes go far enough to restore confidence in electronic health records.
In at least the fourth federal HIPAA case involving improper disclosure of patient information to the media, federal regulators have slapped a three-doctor practice in Connecticut with a financial penalty.
Protecting the Department of Health and Human Services' systems, data - and program beneficiaries - from evolving cyberthreats is a top challenge for the agency, according to a new report that recommends action items.
Despite increased use of two-factor authentication, single sign-on, and biometrics, passwords are still the most common form of authentication. However, when a significant percentage of breaches are caused by weak, stolen, or reused passwords, it's clear passwords pose significant risks that can't be ignored.
You know password management is important. But is your business failing to invest in this easy security and productivity win?
In this Global Password Security Report, we're uncovering the true state of corporate password security around the world. We analyzed aggregated data from more than 43,000 businesses using...
As the modern attack surface rapidly expands, companies must get the basics right. Yet each time a data security breach hits the news, there are reactionary questions are what could have been done to avoid the problem. More often than not these incidents occur because organizations commonly overlook basic security...
Private sector organizations in Canada must now report all serious data breaches to the country's privacy watchdog as a result of new provisions in Canada's PIPEDA privacy law. Violators face fines of up to $100,000 for every breach victim they fail to notify or breach they attempt to hide.
Facebook has been slammed with the maximum possible fine under U.K. law for "a very serious data incident" that exposed an estimated 87 million Facebook users' personal details to political campaign influence firm Cambridge Analytica.
A coding error in a portal of the Employee Retirement System of Texas inadvertently allowed some users to view the information of others, potentially exposing information on 1.25 million of its members. Why are breaches involving coding mishaps so common?