The government of India withdrew a long-anticipated personal data protection bill from Parliament. The government of Prime Minister Narendra Modi vowed to instead introduce a comprehensive framework of global standard laws including digital privacy laws
A $3 million settlement is headed for final court approval in a class action lawsuit involving a 2020 cyberattack against a vendor that provides support services to hundreds of dental practices in 21 states. The incident affected more than 1.2 million of the practices' patients and employees.
The Australian Federal Police have charged a 24-year-old Melbourne man for allegedly creating global spyware purchased by over 14,500 individuals across 128 countries. Priced at $25, once it is installed on a victim's computer, it can be used to steal personal information or spy on individuals.
The chairman of the U.S. House Intelligence Committee vowed more action against makers of advance spyware such as Israel's NSO Group while witnesses pressed the panel to commit the intelligence community's resources to disrupting spyware companies.
A proposed $350 million settlement of a consolidated class action lawsuit against T-Mobile, after a 2021 data breach that affected nearly 77 million people, includes breach victims and related legal costs. The settlement requires T-Mobile to invest $150 million to bolster data security.
The Identity Theft Resource Center's data breach report for the first half of 2022 says approximately 40% of data breach notices do not list the root cause of the compromise. "Unknown" is the top cause of data breaches for the first time since the ITRC began tracking their causes.
As the world embraces renewables and green energy, is the energy sector properly learning from past cybersecurity mistakes? Rafael Narezzi, CTO of CF Partners, discusses current industrial cybersecurity shortcomings and the need for the industry to take a more mature and proactive approach.
Ransomware attacks and data breaches: One thing both have in common is the challenge of attempting to accurately understand their true scale and impact. Too often, data breach notifications lack useful details, while ransomware attacks and ransom payments go unreported.
A misconfigured Alibaba private cloud server has led to the leak of around 1 billion Chinese nationals' personal details. An unknown hacker, identified as "ChinaDan," posted an advertisement on a hacker forum selling 23 terabytes of data for 10 bitcoins, equivalent to about $200,000.
The Biden executive order on cybersecurity was a catalyst for action, with tight delivery times for steps including promotion of SBOMs and zero trust. The cyber-physical nexus and expanding threat surface mean it's not easy to maintain vigilance, but recognizing that is the first step.
Effective security and risk programs require not just domain mastery but making security accessible to boards of directors and senior officers, says Karin Höne, the group chief information security and risk officer of South Africa-based multinational Barloworld.
Ronald Raether of Troutman Pepper says privacy, data security and information governance departments must collaborate to reduce unauthorized access to systems by criminals and make data operationalization more effective. He also says proper data mapping, governance and classification are critical.
Canada's Desjardins Group has reached an out-of-court settlement to resolve a data breach class action lawsuit. The breach, which the credit union group first disclosed in 2019, traced to a "malicious" insider who for 26 months had been selling personal details for 4.2 million active customers.
The U.S. Department of Defense is seeking attorneys who are cybersecurity subject matter experts and can embed inside each agency and work closely with each other, says Lt. Col. Kurt Sanger, an attorney and deputy staff judge advocate of U.S. Cyber Command.
While the past two years have proved to be a watershed moment for cloud adoption, the fear of 'unknown unknowns,' to some extent, hampered its growth. Security practitioners are concerned whether investments in infrastructure-as-a-service (IaaS) or platform-as-a-service (PaaS) are endangering their security or...