A federal judge has cleared the way for a class-action lawsuit filed by card issuers against Home Depot over the retailer's massive 2014 payments breach to proceed. In making the ruling, the judge noted that the banks' allegations regarding the retailer's security negligence appear to have merit.
Since the theft of $81 million from the central bank of Bangladesh came to light in February, investigators have continued to probe similar SWIFT-related attacks against four other financial services firms, dating back to at least 2013.
MySpace has confirmed it is resetting millions of accounts affected by the release of 360 million usernames, email addresses and passwords. According to one expert, more of these types of big breach announcements may be coming.
Before moving to faster payments, U.S. banks should scrutinize the security gaps exploited in the SWIFT-related bank heists and build effective risk-mitigation strategies that include stronger layers of authentication, financial fraud experts say.
Mike Daugherty, the president and CEO of LabMD who is fighting a legal battle with the FTC over two security indents, explains why he believes the agency is overstepping its regulatory authority. And he says that new FTC probes into PCI compliance and EMV deployment could be on the way.
A Bangladesh probe says that an insider may have assisted attackers in perpetrating the $81 million cyber heist against Bangladesh Bank. SWIFT has unveiled new security measures to help other banks, but security experts say more will be needed.
The breach notification site LeakedSource claims that social networking website MySpace has been hacked, with 360 million credentials containing 427 million encrypted passwords compromised. But LeakedSource acknowledges the age of the credentials is unknown. And the veracity of the data remains in question.
Troy Hunt, who runs one of the most prominent services for discovering if your data has been exposed in a breach, shares his thoughts on LinkedIn's recent breach and how his approach to disseminating data breach details continues to evolve.
Hackers reportedly stole $250,000 from Bangladesh's Sonali Bank in 2013, in what's now the fourth case involving malware attacks and injecting fraudulent money-transfer requests into the SWIFT interbank messaging network.
The business of executive email hacking is booming, with hundreds of millions of dollars lost in fraudulent wire transfers. But businesses can improve their processes to avoid inadvertently transferring funds to fraudsters, according to one expert.
E-commerce retailers face an ongoing battle: Their websites are constantly hit by bots using stolen credentials to try to take over accounts. What can companies do to protect themselves? Akamai's Michael Smith offers advice.
A Japanese ATM cash-out scheme that stole $19 million from South Africa's Standard Bank in less than three hours illustrates why devising better ways to mitigate the risks posed by such schemes must be a priority for financial institutions in markets - including the U.S. - that still rely on mag stripe debit cards.
Cyberattacks have gained regulatory attention worldwide. But the world doesn't need more regulation to address new threats, says Steve Durbin of the Information Security Forum. Instead, government must work more closely with the private sector.
After blaming a recent spate of bank robberies on banks' poor information security practices, SWIFT has changed its tune. Now it says it wants to help financial firms spot related fraud and better share information about unfolding threats.
Neither Australia nor New Zealand currently has laws on the books requiring organizations to notify people affected by data breaches. But both countries do say they are committed to introducing that requirement.