State regulators have fined health plan Kaiser Permanente $450,000 for a mailing mishap that sent private health plan records to the outdated addresses of 167,095 patients. The erroneous mailing was triggered by a technical update of the health plan's electronic health records system.
The U.S. Department of Justice unveiled a new team - the National Security Cyber Section - to disrupt nation-state threat actors and prosecute them at the "earliest stages." NatSec Cyber will work closely with the DOJ's Computer Crime and Intellectual Property Section.
Federal market regulators delayed until October a decision on rules mandating private sector disclosure of cybersecurity incidents and cyber expertise on public boards. The delay comes amid pushback to a mandate to disclose a "material cybersecurity incident" within four business days of discovery.
Major healthcare industry associations are urging federal regulators to finalize proposed changes to the HIPAA privacy rule that would bolster protections over reproductive healthcare data. In some cases, the groups are suggesting that regulators go even further in stretching privacy safeguards.
A British cyber law that criminalizes hacking is outdated, hindering law enforcement action against cyber crooks, U.K. lawmakers heard during a parliamentary hearing on cybercrime. Graeme Biggar, the director general of the U.K's National Crime Agency, said it should be an offense to steal data.
The BlackCat ransomware group has claimed credit for a February phishing attack against Reddit. With no ransom being paid, the extortionists are now seeking to insert themselves into the standoff between Reddit's leadership and volunteer workforce over the introduction of paid access to APIs.
A consumer genetic testing company must ensure the destruction of customer saliva samples and undergo third-party evaluation of its information security program for the next two decades under a proposed consent order with the U.S. Federal Trade Commission.
Ransomware actors are using the thing that verifies crypto transactions - mining - to their advantage. More criminals are laundering their ill-gotten gains by re-minting the digital money through mining to sanitize funds and bypass controls imposed by more highly regulated financial institutions.
In the latest weekly update, ISMG editors discuss how cyber risk is becoming more closely tied to the economic health of nations, why a rural U.S. healthcare provider is closing due in part to ransomware attack woes, and why some cybersecurity companies have laid off staff this month.
A commercial real estate company that operates more than a dozen addiction recovery centers and other medical facilities in several states is notifying 319,500 employees and patients of a recent ransomware incident that compromised their personal and health information.
Federal regulators have hit Washington state-based Yakima Valley Memorial Hospital with a $240,000 HIPAA fine and correction action plan following a 2018 breach involving 23 hospital security guards who snooped into the electronic medical records of 419 patients.
European lawmakers on Wednesday voted overwhelmingly in favor of restrictions for the artificial intelligence industry, approving a regulatory package obliging generative AI model makers to mitigate societal risks and banning a slew of applications, such as biometric recognition in public places.
Swedish privacy regulators ordered Spotify to pay 5 million euros after finding the music streaming service not forthcoming enough with how it uses consumer data. Spotify in an emailed statement said the investigation revealed that "only minor areas of our process" were at odds with the GDPR.
U.K. banks will soon have to reimburse customers who fall prey to authorized push payment scams. The U.K.'s Payment Systems Regulator recently released a policy that would split the reimbursement cost between sending and receiving banks and incentivize the industry to invest in fraud prevention.
Ransomware hackers are stretching the concept of code reuse to the limit as they confront the specter of diminishing returns for extortionate malware. In their haste to make money, some new players are picking over the discarded remnants of previous ransomware groups.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.