Rumors are swirling about how the Department of Health and Human Services lost about $7.5 million in grant payments through a series of cyberattacks last year, including speculation over whether the incidents involved sophisticated AI-augmented spear-phishing or more commonplace fraud schemes.
As cyberthreats evolve, mobile network operators need offensive security to maintain resilience. Traditional security, such as firewalls and encryption, is not sufficient on its own. Offensive security is proactive; it mimics the strategies of real attackers to stay ahead of potential threats.
A federal judge sentenced "Pompompurin," the administrator of a now-defunct data breach marketplace, to 20 years of supervised release - instead of the recommended 15-year prison sentence - for his role in BreachForums, once considered the largest English-language data breach forum of its kind.
The French data regulator imposed a fine of 10 million euros on Yahoo after determining that the company's advertising cookie policy had violated the country's privacy regulations. Yahoo deposited more than 20 tracking cookies without giving consumers a chance to withdraw consent.
Two tech advocacy groups are pushing the Federal Trade Commission to investigate Google, alleging the company has reneged on a promise it made after the Supreme Court's 2022 overturn of Roe v. Wade to promptly delete location data about users' visits to sensitive places, such as abortion clinics.
In the latest weekly update, ISMG editors discussed why crypto-seeking drainer scam-as-a-service operations are thriving, a novel legal move that recovered a hospital's stolen data, and a ground-breaking case involving bitcoin that could streamline recovery for victims.
Ireland - home to the European headquarters of a throng of multinational tech companies - is responsible for the greatest amount of aggregate data protection fines - 2.9 billion euros - since the European Union General Data Protection Regulation went into effect.
A federal judge said he is inclined to let proceed a putative class action lawsuit against Meta over its gathering of data from medical center patient portals through a web activity tracking tool. U.S. District Judge William Orrick for the District of Northern California heard arguments.
It's last call for Drizly, the alcohol delivery service Uber bought for $1.1 billion in 2021. Whether or not Drizly's past cybersecurity missteps - leading to a two-decade consent agreement with regulators - played any part in its being retired by Uber remains unclear.
The ubiquity and anonymity of cryptocurrencies are fueling economic, legal and ethical challenges that put healthcare entities in the crosshairs of cybercriminals, said David Hoffman, general counsel of Claxton-Hepburn Medical Center, which recently filed a lawsuit against ransomware gang LockBit.
A North Carolina healthcare system has agreed to pay $6.6 million to settle a consolidated class action lawsuit involving its use of tracking tools in its websites and patient portals. The suit alleges the website trackers sent sensitive patient information to third parties without their consent.
A cloud services firm has turned over to a New York hospital alliance the patient data stolen in a ransomware attack by LockBit. The hospital group had filed a lawsuit against LockBit as a legal maneuver to force the storage firm to return data the cybercriminals had stashed on the vendor's servers.
A Mississippi health system is notifying nearly 253,000 individuals that their data was potentially compromised in a "malicious and sophisticated ransomware" attack last August that also took IT systems offline. The cybercriminal gang Rhysida had claimed responsibility for the assault.
Amazon in a Luxembourg court Tuesday contested a once-record privacy fine levied against the e-commerce giant for its advertising practices by the diminutive country's data protection authority. The fine of 746 million euros stems from a 2018 complaint by French privacy group La Quadrature du Net.
A fertility testing laboratory has agreed to improve its data security practices and pay up to $1.25 million to settle a consolidated class action lawsuit filed in the wake of a 2021 ransomware attack that compromised sensitive health information of about 350,000 patients.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.