Staples has confirmed that it's investigating a potential data breach after a report warned that elevated levels of payment card fraud had recently been tied to card numbers used by consumers who shopped at the office supply retailer.
Exploiting a vulnerability in Microsoft Office, a group of hackers believed to be Russians breached computers operated by the Ukrainian government during September's NATO summit, according to iSight Partners.
JPMorgan Chase has confirmed that 76 million households and 7 million small businesses were impacted by a breach that reportedly began in June and was not detected until late July. One fraud expert calls the breach "a national crisis."
Home Depot says an estimated 56 million payment cards were exposed in a data breach at its U.S. and Canadian stores. The retailer says an investigation revealed the breach involved custom-built malware not used in other cyber-attacks.
Now that Home Depot has confirmed its payments breach, industry experts weigh the possibility that the home-improvement giant's attack is linked to earlier breaches at Target, Sally Beauty and P.F. Chang's.
The EU is expected to approve in October an updated data protection law that spells out uniform breach notification requirements, security expert Jacky Wagner explains. The measure would apply to any business that targets Europeans.
Salesforce.com, a cloud-based customer relationship management provider, warns that malware known as Dyre is targeting certain customers. The company sees no evidence that any users have been impacted.
Goodwill Industries International says in an update about a breach affecting about 330 of its stores that approximately 868,000 payment cards were exposed. It also identifies the malware used to compromise a third-party vendor's systems.
An investigation into a suspected breach at JPMorgan Chase suggests that attackers used highly customized malware, and exploited multiple zero-day vulnerabilities, to breach the bank's network, according to news reports. But were other banks hit?
The UK's Ministry of Justice has been hit with a Â£180,000 penalty from the Information Commissioner's Office after the loss of two unencrypted hard drives containing personal information on prisoners.
A proposed German cybersecurity law would require critical infrastructure organizations to disclose all significant security incidents. Legal experts say the proposal signals Germany's attempt to take a leadership role at the EU level.