In the latest weekly update, ISMG editors discuss how the Silicon Valley Bank crash will affect innovation in the cybersecurity space, why the SEC fined cloud provider Blackbaud $3 million for its "erroneous" breach details, and why the feds fined a web hosting firm in a kids' insurance site hack.
The U.K. government recently embarked on a plan to create its own version of the EU's General Data Protection Regulation, but attorney Jonathan Armstrong says he is "pretty skeptical" that this second attempt at privacy reform will successfully make it through the country's Parliament.
A vendor of clinical and third-party administrative services to managed care organizations and healthcare providers serving elderly and disabled patients said a cybersecurity incident last summer has affected more than 4.2 million individuals.
MKS Instruments expects a $200 million revenue hit from February's ransomware attack after the hack removed the company's ability to process orders or ship products. The Feb. 3 ransomware attack required the company to temporarily suspend operations at some MKS Instruments facilities.
The Securities and Exchange Commission proposed a slew of new cybersecurity rules for the companies underpinning the U.S. stock market, the latest sign of increasing unhappiness among Biden administration officials about the private sector's management of digital risk.
In the latest "Proof of Concept" panel discussion, two Capitol Hill observers at Venable, Grant Schneider and Jeremy Grant, join Information Security Media Group editors to break down the Biden administration's new U.S. national cybersecurity strategy and answer the question, "Is it really viable?"
A Florida company will pay nearly $300,000 to settle allegations stemming from a 2020 hacking incident that revealed the personal identifying information of hundreds of thousands of minors. The settlement with Jelly Bean Communications Design is part of a federal crackdown on lax cybersecurity.
A cancer patient whose partially naked exam photos and personal data were stolen and subsequently posted on a ransomware leak site last month filed a proposed class action lawsuit, alleging that Lehigh Valley Health Network's refusal to pay the ransom "prioritized money over patient privacy."
A provider of online mental health services is notifying nearly 3.2 million people that the company used website tracking tools to share sensitive patient information with third parties including Facebook, Google and TikTok - without the individuals' consent.
President Joe Biden's budget request for fiscal 2024 includes a big proposed boost for the federal office charged with enforcing privacy and security within the healthcare industry. The proposal asks for $78 million in appropriations for the Office of Civil Rights.
Fundraising and customer relationship management software provider Blackbaud has reached a $3 million settlement agreement with the Securities and Exchange Commission over allegations it made "misleading disclosures about a 2020 ransomware attack that impacted more than 13,000 customers."
An overview of the White House's spending blueprint for the coming federal fiscal year shows big proposed increases for cybersecurity. CISA would receive $145 million more that current amounts. Ukraine would receive hundreds of millions to counter "Russian malign influence" including in cyberspace.
A healthcare revenue cycle management software vendor is facing a proposed class action lawsuit in the aftermath of a December data exfiltration attack affecting nearly 251,000 patients. Ransomware group Royal took credit for the attack, allegedly leaking samples of the stolen data on its leak site.
The British government is proposing modifications to the European privacy law adopted as British law before the U.K. left the EU. Civil society groups warn that changes to the U.K. GDPR could lead to more surveillance. Some tech firms say the government is poised to increase its regulatory burden.
The Department of Health and Human Services and the Health Sector Coordinating Council on Wednesday published an updated toolkit that aims to help healthcare entities align security programs with the National Institute of Standards and Technology's Cybersecurity Framework.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
