A lawsuit seeking class-action status was filed against UCLA Health on the first business day after the healthcare organization revealed it was the victim of a cyberattack that potentially compromised information on 4.5 million individuals.
Privacy attorney Kirk Nahra says largely overlooked provisions tucked away in the "21st Century Cures" bill recently passed by the U.S. House of Representatives could have a significant impact on patient privacy.
After jumping by 33 percent in 2014, the number of Americans who consider themselves IT security professionals has remained flat for the first half of 2015, according to an examination of federal government employment data. That's bad news for employers seeking IT security pros to hire.
Outrage has erupted in Britain after a London police helicopter crew tweeted a photograph of well-known comedian Michael McIntyre as he was about to cross the road. Has the British surveillance state run amok?
Shed a tear for enthusiasts of aging Microsoft Windows operating systems. That's because Microsoft has now retired Windows Server 2003 support, as well as anti-virus scanner and signature updates for Windows XP. But breaking up can be hard to do.
Federal regulators have slapped a Boston area hospital with a $218,000 HIPAA penalty after an investigation following two security incidents. Experts analyze the lessons that the settlement agreement offers.
Although they apparently weren't caused by cyber-attacks, the impacts of computer failures at the New York Stock Exchange, United Airlines and the Wall Street Journal have much in common with the aftermath of breaches.
Is it wrong that accused Lizard Squad hacker Julius Kivimaki, a teenager who was convicted of 50,700 "instances of aggravated computer break-ins" attacks, gets to walk away without having to serve any jail time?
As federal lawmakers return this week from their Independence Day recess, Congress picks up where it left off before the break: holding hearings on the Office of Personnel Management breach that exposed the personal records of millions of government workers.
MasterCard is testing a smartphone app that lets users approve online transactions using facial recognition, via the equivalent of taking a selfie. But could such technology be spoofed, and will it reduce card fraud?
The PCI Security Standards Council has just released version 2 of its point-to-point encryption standard. Jeremy King of the PCI SSC explains how this optional standard can complement PCI-DSS compliance.
Would encryption, two-factor authentication and other measures stop a determined adversary from stealing millions of U.S. government personnel files? No, a former CIA CISO says. Read how Robert Bigman would defend against OPM-style cyber-attacks.