A messy legal case involving a 2017 privacy breach that has already cost Aetna about $20 million in settlements has taken yet another twist. The health insurer has filed a lawsuit against two organizations that represented plaintiffs in an earlier privacy-related dispute, attempting to recoup some costs.
Canadian citizen Karim Baratov has been sentenced to serve five years in U.S. federal prison after he admitted to hacking and identity theft charges connected to his working as "hacker for hire" for alleged Russian FSB officers, who have been tied to a massive 2014 breach of Yahoo.
What happens if organizations that must comply with GDPR have yet to achieve compliance, despite having had two years to do so before enforcement began? Don't panic, says cybersecurity expert Brian Honan, but do be pursuing a data privacy transparency and accountability action plan.
File-less malware is a huge security challenge for organizations today, and traditional email security controls aren't sufficient to meet the challenge. Burke Long of Lastline offers insight on a new way to approach email security.
Leading the latest edition of the ISMG Security Report: Reports on the impact enforcement of the EU's General Data Protection Regulation, which began Friday, will have on the healthcare and banking sectors. Plus an assessment of GDPR compliance issues in Australia, which offer lessons to others worldwide.
To judge by the flood of GDPR-themed email hitting inboxes, Europe's privacy law has been designed to ensure that you say "yes" to companies that monetize the buying and selling of your personal details, regardless of whether you remember ever having done business with them before.
At least 500,000 routers, mostly located in Ukraine, have been infected with "VPN Filter" malware that experts believe is a prelude to a massive cyberattack. But the FBI has sinkholed the control domain for the router botnet, which should help contain the potential damage.
Will federal regulators finally tackle long overdue rulemaking related to a HITECH Act provision calling for the Department of Health and Human Services to share money collected from HIPAA settlements and penalties with breach victims?
Researchers have discovered two new Spectre/Meltdown variants: variant 3a, a rogue system register read, and variant 4, a speculative store bypass. Some AMD, ARM, Intel and IBM Power chips have the flaws, which attackers could exploit to steal sensitive data. Some fixes have already been shipped.
John Gammell of New Mexico has been sentenced to serve 15 years in prison for launching DDoS attacks against prior employers and business competitors, as well as for being a convicted felon in possession of firearms.
The EU's General Data Protection Regulation, which will be enforced beginning May 25, has significant implications for how financial institutions worldwide handle customer data, says Brett King, CEO of Moven, an all-digital bank, who sizes up the challenges.
If you're paying attention, you've probably already seen a handful of GDPR-related headlines just today, let alone in the last week or month. But there are two good reasons for the deluge of GDPR discussion right now: It's incredibly important and the time to act is now.
Respiratory care provider Lincare Inc. has signed an $875,000 settlement of a class action lawsuit brought by current and former employees in the wake of a 2017 breach involving a business email compromise scam. The company was previously fined by federal regulators after another breach.