Two Indiana attorneys, frustrated by delays in obtaining patient records on behalf of clients, are seeking more than $1 billion in damages in a lawsuit alleging 60 hospitals in the state fraudulently received HITECH Act electronic health record incentive payments.
The U.S. government has charged three employees of Chinese cybersecurity firm Boysec with stealing valuable intellectual property from Siemens, Moody's Analytics and Trimble. Security researchers say Boysec has been operating since 2007 and is also known as APT 3 and Gothic Panda.
When Arbor Network's Paul Bowen looks at the IoT threat to healthcare, he's concerned about how medical devices are conceived, created and connected. And he says device manufacturers are dangerously behind the maturity curve when compared to threats actors.
It's more than a honeypot, and it's different from "hack back." The topic is deception technology, and Carolyn Crandall of solutions vendor Attivo discusses myths and realities of this emerging cybersecurity toolset.
The California attorney general's office has smacked Cottage Health System with a $2 million settlement in the wake of breaches in 2013 and 2015. What lessons can be learned from this significant enforcement action?
Reports that a plea deal is about to be reached for Karim Baratov - extradited from Canada to the United States on charges that he assisted Russian intelligence agents with the massive hack of Yahoo in 2014 - are premature, his attorney tells Information Security Media Group.
Every new cybersecurity regulation includes at least some emphasis on improving vendor risk management. But what happens when vendors balk at the extra degree of scrutiny required? Moffitt Cancer Center's Dave Summitt describes his risk-based approach to business associates.
As the GDPR's enforcement date nears, North American healthcare organizations are scrambling to ensure their data protection policies and practices are up to snuff. Mitch Parker of Indiana University Health System offers his prescription for GDPR compliance.
The steady stream of new reports about years-old breaches continues as Imgur, the popular photo-sharing service, belatedly warns that it suffered a breach in 2014 that compromised 1.7 million users' accounts.
Uber's tardy data breach notification - one year after the incident occurred - has trigged fresh questions about how quickly companies should come clean after they suffer a cybersecurity incident.
Like its mythological namesake, the source code for Zeus malware appears to be immortal. New variants continue to surface, including the Terdot banking Trojan, which is also designed to steal email and social networking credentials while remaining hidden.
HyphBot botnet malware is forcing infected PCs to sneakily view high-priced video ads, allowing fraudsters to reap upwards of $1.3 million in daily ad spending, a Danish advertising technology firm warns. The scheme highlights the challenges facing online advertisers seeking legitimate viewers.
Britain's data privacy watchdog has launched a probe of the massive 2016 data breach suffered by Uber. More than 12 months after the breach, the ride-hailing service is scrambling to notify 57 million individuals across multiple countries that their personal details were exposed.
Uber paid hackers $100,000 to keep quiet about a 2016 breach that exposed 57 million accounts belonging to customers and drivers, Bloomberg reports. But was the payment a bug bounty, as Uber has suggested, or really an extortion payoff and hush money?
U.S. prosecutors have unsealed an indictment against an Iranian man charged with trying to extort entertainment company HBO for $6 million in bitcoins. The case marks a rare public naming of someone accused of cyber extortion, which poses an increasing risk for all organizations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.