To prepare to comply with Australia's new breach notification law, which goes into effect in February, organizations should start reviewing their cybersecurity posture and incidence response mechanisms, says Leonard Kleinman, RSA's chief cybersecurity advisor-APJ.
In the wake Equifax saying hackers may have stolen 143 million consumers' personal details, the company is already facing sharp questions over the robustness of its security defenses as well as reports that three executives sold stock after the breach was discovered, but before the news became public.
The Equifax breach revealed on Thursday is more significant that other mega-breaches because of the nature of the data that was potentially exposed, says cybersecurity attorney Imran Ahmad. He'll be a featured speaker at ISMG's Toronto Fraud & Breach Prevention Summit on Tuesday.
Credit reporting agency Equifax said Thursday a web application flaw exposed 143 million U.S. consumers' records to hackers, a startling breach from a company that ironically offers services to protect consumers from identity theft.
Instagram is warning that more users were affected by a hack of its systems than it first suspected. While email addresses - and some phone numbers - for celebrities, including Emma Watson and Lady Gaga, appear to have been compromised, 6 million account holders in total may have been affected.
Leading the latest edition of the ISMG Security Report: An interview with the head of a new cyber initiative to help political campaigns and local, state and federal election officials safeguard America's electoral process. Also, analyzing the evolving characteristics of the healthcare breach.
Hackers have struck Hollywood again, claiming HBO as their latest victim. So far, some unaired programming has been leaked online, as have details relating to a forthcoming "Game of Thrones" episode - but no actual episodes.
A look by DataBreachToday Executive Editor Mathew J. Schwartz at the human element behind malware leads the latest edition of the ISMG Security Report. Also, changes in the U.S. government's healthcare breach reporting website known as the "Wall of Shame."
Australia's mandatory data breach notification law, which goes into effect next February, brings a host of new requirements. Gordon Hughes, an attorney and data protection expert, discusses what organizations need to be aware of ahead of its implementation.
Sweden is grappling with the fallout from a data breach that occurred two years ago and the scope of which has only recently trickled out. It resulted in the prosecution of the former head of the Transport Agency and deep questions over an outsourcing arrangement with IBM.
Trump Hotels is warning customers that payment card data at 14 of its properties was compromised during a seven-month breach that affected service-provider Sabre. Other affected chains include Hard Rock Hotel & Casino and Loews Hotels.
Kudos to the breached business - in this case, kiosk manufacturer Avanti Markets - that quickly alerts victims and gives them actionable information for protecting themselves. Unfortunately, not all breached businesses are so forthright, as some recent data leaks demonstrate.
Avanti Markets is warning 1.6 million users of its self-service kiosk vending machines that malware-wielding hackers infected about 1,900 of its machines and stole names and payment card data, but not biometric information. Point-of-sale malware called Poseidon appears to be involved.
Travel industry giant Sabre said Wednesday an intruder using stolen account credentials for its widely used reservations software had access to payment card details and personal information over a seven-month period. But it declined to say how many people are affected.