Data Breaches

Closing the web app data security gap: Dynamic data masking for web applications

The rigidity of web application security controls has left the enterprise vulnerable to data breach.

Back to basics - Ensure both PCI compliance and tighter security

Every business that operates a cardholder environment to transact with its customers is required to maintain compliance to the PCI DSS international standard for security. Penalties for lack of compliance have become costly yet compliance does not equal security.

Canada Revenue Agency sends taxpayer info to CBC

By

Tax and donation information was revealed on hundreds of Canadians, some of them prominent.

Authorities eye foreign operatives in Target breach

By

A year after the massive breach at the retailer, authorities are keeping mum, but security pros say signs point to Ukrainian man.

Credit unions urge Congress to enforce security standards for retailers

By

The National Association of Federal Credit Unions is asking Congress to establish national data breach and notification standards for retailers.

Beth Israel medical center to pay $100K over data breach

By

The Boston-based hospital agreed to the fine related to its 2012 data breach which left information on thousands of patients vulnerable to compromise.

Home Depot faces 44 lawsuits post-breach

By

The company disclosed the lawsuits as part of its quarterly earnings report.

Breach impacts about 10,000 employees in Maryland school system

By

Prince George's County Public School System in Maryland is notifying roughly 10,000 employees that their personal information may be at risk.

SC Congress Chicago 2014: Make FBI an ally after breach

By

Panelists at the closing keynote at SC Congress 2014 in Chicago urged attendees to work with the FBI to unravel breaches.

USPS draws ire of Congress over data breach response

USPS draws ire of Congress over data breach response

By

Members of the USPS testified before a House subcommittee Wednesday, drawing criticism over the delay in its breach notification to impacted employees.

Staples incident possibly connected to Michaels breach, report indicates

By

Brian Krebs reported on Monday that malware found in Staples stores was observed to be communicating with command-and-control networks used by attackers in the Michaels payment card breach.

Devices stolen from Boston hospital physician during armed robbery contained patient data

By

Boston-based Brigham and Women's Hospital is notifying roughly 1,000 patients that their personal information may have been on a laptop computer and cell phone stolen from a physician during an armed robbery.

House committee asks for details on State Dept breach

By

Democrats on a House oversight committee have asked Secretary of State John Kerry when the breach was first discovered.

Healthcare sector's broad data sets will attract increased attacks in 2015

Healthcare sector's broad data sets will attract increased attacks in 2015

By

A number of Websense threat predictions point back to the vulnerable healthcare industry as a major target for cybercriminals.

State Department hack may be tied to White House network breach

State Department hack may be tied to White House network breach

By

The AP reported on Sunday that the State Department had its unclassified system compromised. The news follows the breach of three other government entities' systems.

Malware on Central Dermatology Center server since August 2012

By

Central Dermatology Center is notifying more than 76,000 patients that one of its servers had been compromised by malware for roughly two years, and their personal information may or may not have been accessed.

Failing the security test: Target wasn't the first failing grade, or the last

Failing the security test: Target wasn't the first failing grade, or the last

It's easy to get hung up on discussions around chip-and-pin, malware and network segmentation, and in the process lose sight of the broader trends that underlie many breaches.

Seattle Public Schools data improperly released, at least 8,000 students affected

By

Seattle Public Schools is notifying parents that personal information on as few as 8,000 special education students was improperly released.

Data on reported 2.7M HSBC Turkey customers compromised in attack

By

The personal information included card and linked account numbers, card expiry dates and cardholder names.

Debt sellers exposed personal info of 70K consumers, draws FTC action

Debt sellers exposed personal info of 70K consumers, draws FTC action

By

Two debt sellers allegedly posted the people's personal information on unencrypted, publicly accessible spreadsheets that were post online.

Four commonly overlooked security gaps

Four commonly overlooked security gaps

If organizations are looking to raise their security profile, they should certainly examine these commonly overlooked areas.

Shellshock used in BrowserStack attack

Shellshock used in BrowserStack attack

By

BrowserStack experienced an attack on Sunday that resulted in partial user information being accessed and bogus emails being sent to about 5,000 users.

Four NOAA websites compromised by an internet-sourced attack

By

The attacks were detected and incident response began immediately, with unscheduled maintenance being performed to mitigate the threat.

Postal workers union files charges following USPS breach

By

The American Postal Workers Union filed charges to the National Labor Relations Board against the Postal Service for failing to notify them earlier about the recent breach.

Visionworks notifies 75K Maryland customers of missing database server

By

As many as 75,000 customers who received services at a Visionworks location in Maryland are being notified that in an investigation is underway to locate a missing database server potentially containing their information.

Arrest uncovers stolen Amex cardholder data

By

In a notification letter to customers, Amex said law enforcement has arrested an individual possessing stolen personal and account information.

Report provides in-depth look at POS malware used in some of the biggest breaches

Report provides in-depth look at POS malware used in some of the biggest breaches

By

A Cyphort Labs report provides an in-depth analysis of Backoff, BlackPOS and FrameworkPOS, malware used in some of the biggest breaches.

Home Depot breach spawns new phishing scam

By

Attackers are using stolen email addresses to try to steal victims' bank account numbers.

Malware possibly compromised payment cards at Grand Casino Mille Lacs

By

Payment cards used at Grand Casino Mille Lacs were subsequently used to make fraudulent purchases, and may have been compromised by an unauthorized individual who used malware.

Federal data breach legislation advances as provincial lapse nears

By

A Canadian federal bill that would force companies to notify individuals of breaches moved a step closer to being law in October.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US