Breaches & Exposures
ICANN is opening up the web to hundreds of more domains beyond the traditional .com and .net, but this week it failed to secure the personal information of applicants.
Joining LinkedIn, dating website eHarmony said Wednesday that it is investigating the possible theft of its members' passwords.
For the first time, breached processor Global Payments disclosed on Tuesday that a number of card brands have removed the company from their approved list of service providers.
Eighty-seven thousand people affiliated with Housatonic Community College may be open to identity theft after the institution became the second Connecticut school to experience a malware outbreak this year.
Visa is advising its customers to be wary of phone scams in which fraudsters request their credit card information under the guise that they need it for "security reasons" in light of the major data breach that affected Global Payments, according to a Tuesday alert from Visa.
A misconfigured server is to blame for the attack, which impacted roughly 780,000 Medicaid and Children's Health Insurance Plan recipients.
An accused member of the hacktivist group LulzSec pleaded guilty Thursday in federal court in Los Angeles to charges of hacking into the systems of Sony Pictures Entertainment, according to reports.
Hackers, believed to be operating out of Eastern Europe, breached a server at the Utah Department of Health (UDOH) to access thousands of Medicaid records.
Boardrooms are finally buzzing with serious discussion around cyber security as countless high-profile breaches have produced massive loss.
Global Payments, a major credit card processor based in Atlanta, is off Visa's approved list after it confirmed it was breached of some 1.5 million card numbers. The incident, however, is still shrouded in some mystery.
The FTC seemed most upset with RockYou's failure to protect the personal information of 179,000 children who registered to use the site.
Hackers calling themselves "LulzSec Reborn" have claimed responsibility for two breaches that resulted in the dumping of personal information.
The personal information of more than 1,000 public employees of Wayne County, Mich., was exposed when a spreadsheet containing their data was inadvertently attached to an email blast.
The college blames a "server management error" for the public posting of confidential information of tens of thousands of students, faculty and staff.
Organizations now pay an average of $194 per breached record, the first time the annual Symantec-Ponemon Institute "Cost of a Data Breach Study" noted a drop since its inception in 2006.
Online hackers have compromised two adult websites, including the very popular YouPorn, in recent weeks, apparently to highlight weak security.
Following the theft of a computer at Sutter Health in October that put the personal information of more than 4.2 million patients at risk, 11 class-action lawsuits were filed against the Sacramento, Calif.-based nonprofit.
A group of Republican senators on Thursday introduced a competing bill to the bipartisan Cybersecurity Act of 2012, which was unveiled two weeks ago.
Until last year, lost and stolen laptops were to blame for the largest percentage of breach types. Now, hacking has claimed the top spot.
The health records of more than 30,000 patients at five California hospitals may have been publicly accessible via search engines due to improper server configurations.
If a data breach occurs, when are companies more likely to be sued by consumers or employees? A Carnegie Mellon University researcher joined me on the SC Magazine Podcast to discuss.
A letter addressed to the stolen email addresses of Stratfor customers claims to be a helpful reminder of malware scams, but is actually bait to spread the Zbot trojan.
Hackers may have accessed the personal health data belonging to patients of Denver area-based Metro Community Provider Network, a nonprofit health care provider for low-income individuals and families.
Anonymous stayed busy on Friday with the dump of 300 GB of emails and other communications, lifted from the law firm representing a U.S. Marine who recently escaped jail time for his role in a 2005 massacre.
The company responsible for ensuring that users reach the website they intend to reach admitted in an SEC filing that its network was breached numerous times in 2010.
Malware may have allowed attackers to make off with the personal information of thousands of people connected to Indiana University Health Goshen Hospital.
The largest class-action settlement in Hawaii's history is related to data breaches at University of Hawaii campuses.
Big Yellow has done an about-face in light of new analysis that confirms users of its pcAnywhere software may be at risk to attack due to the disclosure of source code.
Hackers breached a server belonging to online retailer Zappos and made off with the personal information of 24 million customers, though no credit card numbers were involved.
Fingers are being pointed at criminal networks based in Russia and China as the culprits behind the more-than-decade-long siphoning of personal banking information from students, faculty and staff of the City College of San Francisco.
Sign up to our newsletters
SC Magazine Articles
- Microsoft report explores dangers of running expired security software
- Survey: real-time SIEM solutions help orgs detect attacks within minutes
- Vulnerabilities identified in three Advantech products
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- State Department hack may be tied to White House network breach
- Operators disable firewall features to increase network performance, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Upping the ante: PCI Security Standard
- Study: Third of employees use company devices for social media and online shopping
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Swedish appeals court nixes Assange's plea
- Critical XSS vulnerability addressed in WordPress
- The Internet of Things (IoT) will fail if security has no context