A new federal suit against Michaels claims the crafts retailer, hit by a POS skimming scheme in May, took too long to notify customers after it learned of the breach that affected stores in 20 U.S. states.
Strong authentication, using both fact-based and behavioral-based fraud detection solutions, should be part of every financial institution's layered security approach, says Reed Taussig, CEO of ThreatMetrix.
The legislation sponsored by Senate Judiciary Chairman Patrick Leahy would nationalize data breach notification and stiffen penalties for those who fail to notify law enforcement and individuals of a data breach.
David Navetta, an attorney who specializes in IT security and privacy, says the magistrate's recommendation, if accepted by the judge, could set an interesting legal precedent about the security banks are expected to provide for commercial customers.
The Federal Deposit Insurance Corp. has fallen victim to another phishing attack, according to an e-mail alert sent out to customers. This newest attack entices consumers to click a link for details about "important information from your financial institution."
For nearly two years, banks and businesses across the U.S. have been plagued by a wave of corporate account takeover. And while there's no one answer, Texas bank examiner Phillip Hinkle sees ways that institutions can better detect and prevent these crimes.
What's the top threat on the minds of global IT leaders? Employee-owned mobile devices - or BYOD (bring your own device), as the trend is known. The struggle: Do mobile device benefits outweigh the organizational risks?
A new pay-at-the-pump card skimming scheme - this one in West Covina, Calif. - gets the attention of law enforcement authorities, who launch a new awareness campaign that warns consumers to avoid using debit cards at self-service stations.
The House Subcommittee on Commerce, Manufacturing and Trade heard from Sony and Epsilon about breaches that adversely affected consumer information. Both companies support a national data security and breach notification law.