More than two weeks after announcing that the Obamacare website, HealthCare.gov, had been hacked, the Department of Health and Human Services has revealed that the breach exposed a wealth of information, including partial Social Security numbers and immigration status.
Bankers Life is notifying more than 566,000 individuals, including Medicare supplemental insurance policyholders, that their personal information was exposed in a hacking incident. Employee credentials were compromised, enabling unauthorized access to certain company websites containing personal data.
An analysis of a crackdown on criminals' use of encrypted communications leads the latest edition of the ISMG Security Report. Also: a preview of ISMG's Healthcare Security and Legal & Compliance summits, including expert insights on vendor risk management.
Networks are constantly evolving - and so are their attack surfaces. IT security pros must now contend with digital assets like cloud platforms, application containers, web applications, IoT devices, and industrial control systems. For those in critical infrastructure industries, the stakes are even...
In this report we analyze real-world end-user vulnerability assessment (VA) behavior using a machine learning (ML)
algorithm to identify four distinct strategies, or "styles." These are based on five VA key performance indicators (KPIs)
which correlate to VA maturity characteristics.
This study specifically focuses...
As the modern attack surface rapidly expands, companies must get the basics right. Yet each time a data security breach hits the news, there are reactionary questions are what could have been done to avoid the problem. More often than not these incidents occur because organizations commonly overlook basic security...
When it comes to IT infrastructure, it's fair to say the perimeter has left the premises. In fact,
the perimeter has mostly disappeared. We are living in a new reality, one crowded with new types of dynamic IT assets.
it's discovering short-lived assets like containers, assessing the state of cloud...
Digital transformation (DX) continues to drive growth across financial services firms, creating new opportunities to increase revenue and foster innovation. Cloud - whether public, private or a hybrid approach - is foundational to achieving DX objectives, as is secure, resilient and scalable network connectivity....
HSBC Bank is warning some of its U.S. customers that their personal data was compromised in a breach, although it says it's detected no signs of fraud following the "unauthorized entry." Security experts say the heist has all the hallmarks of a credential-stuffing attack campaign.
Pakistan says the nation's banks have not been hacked, but adds that they are taking defensive steps after nearly 20,000 payment card details appeared for sale online. The State Bank of Pakistan says banks are implementing restrictions on international transactions.
Email is Insecure
Boards of directors need effective communication and collaboration in order to reach their goals and fulfill the mission of the organization. Unfortunately, this puts corporate secretaries, general counsels and main board administrators under a lot of pressure to manage, secure and govern board...
Georgia quietly fixed two flaws in its voter registration website that could have exposed personal information. How the secretary of state's office discovered the flaws and reacted suggests it may have erred when making a sensational accusation against the Democrats on the eve of the U.S. midterm elections.
Over the last five years, cybercrime occurrences have escalated dramatically, taking hold of organizations
worldwide - affecting revenue, productivity, information security, and reputation. In 2017 Cost of
Cybercrime Study, the Ponemon Institute emphasizes that, on average, organizations have paid
$11.7 million USD...
Months after the New Jersey attorney general's office smacked a medical practice with a hefty penalty for a 2016 breach, the office has signed a $200,000 settlement with the group's business associate that was responsible for the incident and banned its owner from managing or owning a business in the state.
Georgia's Republican gubernatorial candidate has accused the state's Democratic Party of attempting to hack the state's voter registration database. The accusation, from Brian S. Kemp, is complicated by his also being the state's current secretary of state, supervising election infrastructure and security.