Global Tel*Link, a major telecommunications provider for state and federal prison systems, will be required to notify the FTC and consumers of future security incidents after a sweeping data breach left hundreds of thousands of its users vulnerable to identity theft and other privacy concerns.
In the latest weekly update, editors at Information Security Media Group discuss why a growing number of U.S. and Canadian hospitals have been forced to turn away patients because of cyberattacks, innovations that have surfaced during the Israel-Hamas war and the future of industrial automation.
The estates of two deceased UnitedHealthcare Medicare Advantage policyholders allege in a proposed federal class action lawsuit filed this week that the insurance giant is using an AI tool to illegally deny necessary coverage for post-acute care, such as skilled nursing, to elderly plan members.
The U.S. Securities and Exchange Commission's requirement for publicly traded companies to report cyber incidents that have a material impact within four days is "not about playing gotcha with public companies," said the commission’s director of the corporation finance division.
European lawmakers behind an artificial intelligence regulation that's close to finalization predicted Thursday the law will set global standards. "We want AI to develop in Europe, and this is why we want to build a trustworthy ecosystem," said Brando Benifei.
Regulating AI is "like regulating Jell-O," said Massachusetts risk counsel Jenny Hedderman, but states are looking at regulating "areas of harm" rather than AI as a whole. In this episode of "Cybersecurity Insights," Hedderman discusses privacy, third-party vendor risk, and lawyers' use of AI.
The number of healthcare organizations and patients affected by a recent data theft at medical transcription firm Perry Johnson & Associates is expanding: The company now says the breach affected the sensitive information of about 9 million people.
A key European parliamentary committee on Tuesday voted to carve off encrypted communications from a legislative proposal directing online providers to diminish the risk of child sexual abuse material. The European Parliament's LIBE Committee emphatically rejected weakening end-to-end encryption.
A virtual pharmacy and mail-order prescription drug firm is notifying about 2.36 million patients of a hacking incident that compromised their sensitive information. In the past week, attorneys have filed at least six proposed federal class action lawsuits related to the breach.
McLaren Health Care is notifying nearly 2.2 million people of a data breach weeks after ransomware group Alphv/BlackCat claimed to have stolen 6 terabytes of patient records in a recent attack. In the meantime, the number of lawsuits filed against McLaren related to the incident continues to climb.
In this episode of CyberEd.io's podcast series "Cybersecurity Insights," former Uber CSO Joe Sullivan discusses the Uber trial and offers guidance to future CISOs. Was the Uber case a data breach or not. Sullivan explained why that making that distinction can be complicated.
A San Diego public hospital is diverting ambulances and patients to other facilities as it is dealing with a cyberattack this week. The medical center is the latest on a growing list of regional hospitals forced to suddenly shift patients to neighboring entities due to a cybersecurity crisis.
The U.S. Cybersecurity and Infrastructure Security Agency published guidance that offers best practices in developing consumption processes for software bills of materials, but experts told ISMG the document lacks technical specifics and warned that most organizations face SBOM resourcing issues.
In the latest weekly update, editors at Information Security Media Group discuss the shaping of responsible artificial intelligence governance, major takeaways from the U.K. AI Summit, and an overview of the main themes and insights from ISMG's recent Mumbai Summit.
European Union lawmakers and trading bloc governments reached a provisional agreement on a revised identity framework intended to digitize access to key public services for the majority of Europeans by the start of the next decade. The update is not universally welcomed by cybersecurity experts.