Information about more than 14,000 HIV patients included in a Singapore health registry was exposed online in what appears to be an inside job. The incident illustrates the importance of safeguarding sensitive health data, such as by implementing behavioral analytics.
Apple is preparing a fix for a serious flaw in its FaceTime software for making audio and video calls. The software can be abused to remotely eavesdrop on and view a recipient, without their knowledge, even if they don't answer the call.
Roger Stone Jr., a longtime political adviser to President Donald Trump, has been arrested as part of Robert Mueller's Russian interference probe. Stone has been accused of lying to Congress about his communications with WikiLeaks over stolen Democratic Party documents and emails it published.
The latest edition of the ISMG Security Report features an analysis of why Google was one of the first companies to be hit with a major GDPR fine, plus a global update on GDPR compliance trends and an in-depth report on shifts in malware.
Cisco is out with findings from its 2019 Data Privacy Benchmark Study, which shows the impact of GDPR compliance as well as how customers are asking more questions about how their data is secured. Cisco Chief Privacy Officer Michelle Dennedy analyzes the survey.
France has hit Google with a 50 million euro ($57 million) fine for violating the EU's General Data Protection Regulation. The country's data regulator says Google doesn't inform users in a clear way how their data is being collected and processed for targeted advertising.
The U.S. Federal Trade Commission is close to concluding its investigation into Facebook over the Cambridge Analytica scandal, the Washington Post reports, noting that the social network may face a record-setting fine, exceeding the $22.5 million fine the FTC in 2012 slammed on Google.
Airline booking system provider Amadeus - whose system is used by 500 airlines - is investigating a software vulnerability that exposed passenger name records, which is the bundle of personal and travel data that gets collected when booking a flight.
Europe's "right to be forgotten" should not apply worldwide, but only inside the EU, according to a nonbinding opinion issued to the European Court of Justice by one of its advocate generals regarding a case that arose from a dispute between France's data privacy watchdog and Google.
On Wednesday, just days after a new "cybersecurity" law took effect, Vietnam alleged that Facebook has violated the law by allowing users to post anti-government comments on the platform. The so-called cybersecurity law actually speaks little about IT security measures.
Police in Germany say a 20-year-old student has confessed to stealing and leaking personal details from 1,000 German politicians, celebrities and journalists, allegedly after bragging about the crime. More advanced attackers rarely make so much noise.
What impact would potential changes to HIPAA have on the healthcare sector? And what's the likelihood that HIPAA, indeed, will be modified - especially provisions that touch on privacy and security? Privacy attorney Kirk Nahra sizes up what's ahead.
Don't rush to blame the printing outage at newspapers owned by Tribune Publishing on anything more than an organization failing to block a malware outbreak. And even if it does prove to be a Ryuk ransomware attack, there's no proof yet that any particular nation-state is behind the campaign, experts warn.
Digital steganography is the practice of hiding information in plain sight, especially inside other data or images. And a new toolset, which debuted earlier this month at the Black Hat Europe conference, suggests steganography is going to get much more difficult to spot.