LinkedIn failed to force all users to reset their passwords after a 2012 breach of at least 6.5 million credentials came to light. But it turns out the breach actually compromised 167 million accounts. Whoops.
Neither Australia nor New Zealand currently has laws on the books requiring organizations to notify people affected by data breaches. But both countries do say they are committed to introducing that requirement.
A data breach notification service bought what appear to be 117 million username and poorly hashed passwords obtained via the 2012 breach of LinkedIn. That's a far cry from the 6.5 million stolen passwords that initially came to light.
A judge has declined to share details of a flaw exploited by the FBI - either in the Firefox browser or modified Tor version - during the course of a large child pornography investigation, saying Mozilla should deal directly with the U.S. government.
Following a massive data leak, Qatar National Bank has confirmed that its systems may have been hacked. A group with Turkish ties has claimed credit for the attack and reportedly threatened to release information from a second bank hack.
The section chief of the FBI's Cyber Division says "the FBI does not condone payment of ransom," in part because it enables criminals to victimize others. Instead, the bureau continues to urge all potential victims to get their IT house in order.
Like last year's breach of the online dating site Ashley Madison - tagline: "Life is Short. Have an Affair." - this year's release of the "Panama Papers" is holding individuals accountable for actions which, if not always illegal, in many cases appear to have at least been unethical.
Enacting legislation to compel tech companies to help law enforcement decrypt data on mobile devices would diminish America's standing as a moral leader in the world, a nation looked up to by billions of people, even with our many flaws.
The scant - if not conflicting - details and sourcing attached to a recent news report on how the FBI cracked an iPhone 5c have left information security experts questioning both technical details and related agendas.
The continuing success of attackers stealing billions of dollars from organizations, often through simple business email compromise scams, is a sad commentary on the state of corporate security practices as well as our collective lack of cybersecurity smarts.
A court has approved settlement of a class-action lawsuit filed by employees of Sony Pictures in the wake of its massive 2014 breach. But some legal experts say the consumer protections provided in the settlement do not go much beyond what the company should have routinely provided to victims in the wake of a breach.
New guidance from the National Institute of Standards and Technology could help make it easier and less expensive for organizations to encrypt and decrypt some forms of data, including Social Security and credit card numbers.