The world's first-ever binding regulation on artificial intelligence came into force on Thursday. The law's requirements are set to be enforced in a phased manner. The ban on high-risk AI systems is set to be actionable first, six months after the enforcement date.
Following the demise or disruption of both the LockBit and BlackCat - aka Alphv - ransomware groups, more attackers than ever before are choosing to work as lone wolves rather than under the banner of increasingly toxic brands - due to the risk they pose, ransomware watchers report.
Change Healthcare officials projected that the company's massive February cyberattack affected one-third of the American population. So why did the IT services provider's HIPAA breach report to federal regulators lowball the initial estimate, saying the cyberattack only affected 500 people?
How close are you to achieving Zero Trust? If you’re a CISO or other security leader, recent and forthcoming government mandates mean you urgently need an answer to this question.
The United States government gave a cautious blessing for unrestricted access to open artificial intelligence foundation models, warning that users should be prepared to actively monitor risks. Open-weight AI models are essentially ready-to-use molds for developers to build applications on.
The British data regulator reprimanded the U.K.'s Electoral Commission for its failure to prevent a 2021 hack attack that resulted in the exposure of millions of voter records. Hackers breached the Electoral Commission's networks after exploiting the ProxyShell vulnerability.
A federal judge has dismissed several claims but has given the green light for plaintiffs to move forward with other allegations in a proposed class action filed against electronic health records vendor NextGen in the aftermath of a 2023 ransomware attack that affected about 1 million people.
Millions of Americans will soon receive a breach notification letter from Change Healthcare, which said on Monday that it has started the process of notifying victims of the massive cyberattack and data theft incident first detected more than five months ago.
Health benefits administrator HealthEquity, which earlier this month reported to the U.S. Securities and Exchange Commission a hacking incident involving the compromised credentials of a vendor, has now told state regulators that the breach affected the information of 4.3 million individuals.
United States, British and South Korean government agencies blamed a North Korean espionage group for targeting their defense, aerospace and energy sectors to steal Western nuclear and military technologies to advance Kim Jong Un regime's military and nuclear ambitions.
U.S. hospital chain Ascension has filed a placeholder breach report to federal regulators saying its May 8 ransomware attack affected at least 500 individuals. Meanwhile, the waiting game continues for Change Healthcare's official data breach report and individual notifications.
In the latest weekly update, ISMG editors discussed the massive CrowdStrike IT outage that crashed 8.5 million Windows systems and severely affected the healthcare, finance and transportation sectors. Here's what you need to know one week later about the recovery, impact and lessons learned.
Software vendor MCG Health has agreed to pay $8.8 million to settle a consolidated proposed federal class action lawsuit involving a 2020 hacking incident. The suit claims the company took two years to identify and report a data theft that affected about 1.1 million people.
During a hearing Tuesday, U.S. Sen. Richard Blumenthal, D-Conn., revealed that Bank of America, JPMorgan Chase and Wells Fargo only reimbursed 38% of unauthorized Zelle transaction claims - leaving consumers on the hook for $100 million in fraud losses. The banks disputed the committee's findings.
The Department of Health and Human Services is facing some of the same cloud security problems as the healthcare organizations it regulates: weaknesses in a dozen different cloud security controls and inventories of cloud systems, according to an inspector general's audit report.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.