TalkTalk's confusion in the wake of its recent data breach, as well as mangling of technical details and failure to encrypt customer data, demonstrate the importance of having an incident-response plan ready in advance of any breach, experts say.
The FBI is pursuing a suspected Russian hacker who reportedly amassed a trove of 1.2 billion stolen online credentials, plus payment card data and Social Security numbers, and who's offered access to hacked Facebook and Twitter accounts.
Reversing recent claims that it was unaware of any data breaches, hotel chain Hilton Worldwide now says it suffered a POS malware infection that affected an unspecified number of hotels, customers and payment cards in 2014 and 2015.
The surge in data breaches has left millions of consumer records compromised. As a result, fraudsters have all they need to open bogus accounts, which cost banks huge losses linked to what Greg Shelton of LexisNexis Risk Solutions calls "sleeper fraud."
Insurance fraud schemes are growing in scale and sophistication. But at the same time, insurance companies - and their customers - are losing their appetite to accept fraud losses. IBM's Brian Banigan offers insight on the latest counter-fraud solutions.
Too many security awareness and education programs fail because they're boring, says Lance Spitzner, research and community director for the SANS Institute's "Securing the Human" program. Read his suggested fixes.
LabMD's recent victory in its long legal battle with the Federal Trade Commission will be short-lived, the medical testing lab's CEO predicts. Find out why, and what changes Michael Daugherty hopes the case will bring to FTC's enforcement practices.
Starwood Hotels and Resorts has confirmed a point-of-sale breach, but card issuers say they don't believe the Starwood breach is isolated, and that fraud patterns indicate that another, perhaps larger breach, is impacting cards across the country.
More than four years after the POS swap attack that struck 80 Michaels craft stores throughout the U.S., details about how the attackers pulled off their scheme have finally emerged. Read why one expert says this was a crime of cash, not cards.
Despite near-constant warnings from law enforcement officials and the information security community, too many organizations still aren't taking security seriously, experts warned at the Irish Cyber Crime Conference in Dublin.
The moment a successful defense is deployed, attackers find new ways to break into networks. In this video interview, Dr. Dale Meyerrose describes the damage wreaked by APTs and the strategies organizations can use to keep attackers at bay.
As U.S. merchants shore up physical point-of-sale security by upgrading their terminals to accept EMV chip cards, attackers are turning their aim toward new, unattended targets. Here's the latest on how to respond to "shimming" attacks.
The massive cyberattacks that struck Chase and other leading U.S. financial services firms illustrate just how vulnerable larger institutions can be to cyber-attacks. They also show why organizations must encrypt customer data, says security and forensics expert Chuck Easttom.
In the wake of massive health data breaches, four U.S. Senators are demanding that the Department of Health and Human Services provide details about how it tracks medical ID theft and fraud and assists victims. But is HHS positioned to address the issues?