Australia's fair trading regulator says it's seeking penalties against HealthEngine, an online platform for booking medical appointments, for allegedly selling patient details to private health insurance brokers without disclosure and embellishing patient reviews of healthcare providers.
A little over a week after a breach at Capital One was revealed, more U.S. lawmakers are raising questions about what happened at the bank, including what role, if any, Amazon may have played in opening the door to the intrusion.
Monzo, a U.K. mobile-only bank that plans to expand into the U.S., alerted about 480,000 customers to change their PINs this week after the company's security team found that a software bug meant some numbers were stored unencrypted in plaintext.
Capital One's enormous data breach is a subject of intense scrutiny as well as fear. A definitive post mortem is likely months away. But security professionals have ideas as to how the breach was achieved and the weaknesses that led to it.
The latest edition of the ISMG Security Report analyzes the root causes of the Capital One data breach. Also featured: breach remediation advice and compliance with New York's new third-party risk management requirements.
To leverage blockchain for identity management at the enterprise level, CISOs first need to form a governance structure, says Prasanna Lohar, head of innovation at DCB Bank, a private banking company in India, who describes all the necessary steps.
Through hundreds of millions of selfies, the small Russian company behind FaceApp has likely created one of the largest private troves of geometric and facial landmark data - on the scale of Google and Facebook. The viral app has turned into an intellectual property boon.
The U.S. Department of Defense has purchased IT gear known to have significant cybersecurity vulnerabilities, according to a new inspector general audit, which also highlights concerns about the use of equipment manufactured in China.
In what's likely the first of many investigations, the New York attorney general's office announced late Tuesday that it's launching a Capital One probe following the disclosure that over 100 million U.S. residents had their personal data exposed in a breach. Meanwhile, class action lawsuits are looming.
The cause of Capital One's breach is known. But experts say the incident still raises questions over why Capital One held onto personal data so long and if the bank was adequately monitoring administrator accounts.
The Los Angeles Police Department is investigating a possible data breach that appears to have exposed the personal information of about 2,500 full-time officers, as well as records related to 17,500 potential police candidates, according to local news media reports.
Mergers and acquisitions, along with cloud adoption, are rapidly changing the pharmaceutical industry. Sandy Dalal of Allergan talks about how Okta identity and access management brings security stability and supports a zero trust framework.
Researchers with Armis have disclosed 11 zero-day vulnerabilities in the VxWorks real-time operating system that is used in some 2 billion embedded devices. Of all the "Urgent/11" vulnerabilities, six of the flaws are considered critical.
DirectTrust, - known for creating and maintaining the Direct protocol and trust framework for secure email in healthcare - has kicked off a new initiative to develop industry standards for secure real-time instant messaging. What are the potential benefits?
The Capital One data breach is in early stages of remediation. Art Coviello, former chair of RSA, which was breached in 2011, shares first-hand insight on steps the breached institution and its CEO should be taking now.