What one company’s deal with the feds tells us about the long tail of data breaches
A recently published corrective action plan between HHS and CHSPSC over a 2014 hack underscores how long companies must deal with the fallout of a harmful breach.
About SC Media
Data Breach
Cybercrime, Data Breach, Featured, Insider Threats, Security News, Web Services Security, E-Commerce Security
Shopify breach: Help center employees are a unique breed of insider threat
The breach perpetrated by two “rogue employees” who worked on the e-commerce platform’s support team illustrates how certain roles within an organization may require more stringent monitoring.
Supply chain weak security link for 92 percent of US companies
The devastating Target breach – the result of an earlier attack on the retail giant’s HVAC vendor – wasn’t an anomaly. New research from BlueVoyant found that 92 percent of U.S. organizations suffered a breach in the past 12 months as a result of weakness in their supply chain. When four other countries (the U.K.,…
All eyes on VA security measures after compromise of 46,000 accounts
The U.S. Department of Veterans Affairs (VA) disclosure that the information of 46,000 U.S. service people recently was breached through an apparent social engineering scheme underscores the need for government vigilance even when a significant investment has been made in state-of-the-art protection. Security experts said the relatively low number of impacted accounts – in comparison…
George Floyd medical records breached; does ‘VIP’ data need bonus security?
Experts told SC Media that the auditing and reporting process is an important component of a health care organization’s data privacy strategy in order to catch violations, and that particular focus should be paid to “records that would be of high interest or curiosity.”
History shows, transparency can ease the fallout from a cyberattack
Cybersecurity firms have a responsibility to keep their clients safe from digital attacks. But when they end up the victims, they potentially risk losing credibility with these customers, especially if their operations are disrupted. It’s a potentially juicy extortion scenario for attackers, and we just saw an example of this play out last week when…
What’s really changed three years after Equifax breach?
Are organizations better off today than they were three years ago when a devastating breach at Equifax exposed sensitive customer data and poor security practices in equal measure? The consensus among experts is that companies still have a ways to go. “Unfortunately, not much has changed,” said Greg Foss, senior threat researcher from VMware Carbon…
How, and when, to hand down consequences to employees for breaching security policy
While security leaders often pay with their jobs for lapses that lead to breaches at their companies (think Target and Uber), organizations long have struggled with how to handle everyday employees who step outside the bounds of security protocols.
Corporate VPNs in danger as vishing attacks target home workers
Multiple hacking gangs are preying on remote workforces and corporate VPNs through vishing attacks that are more efficient, dangerous and ubiquitous than ever, prompting the U.S. government to issue both a warning and advice on how to thwart them. “The news has spread throughout the hacker community and multiple groups are now doing this,” said…
Carnival left to right the ship after breaches threaten travelers’ trust
Regardless of whether or not the incidents are connected, the latest attack will carry ramifications, exacerbated by the combined effects of previous incidents.
Want to read more?
Next post in Data Breach
