Omni Hotels & Resorts is warning customers that for six months, hackers infiltrated its networks and used point-of-sale malware to steal payment card data. One security expert says more than 50,000 stolen cards have been sold by a hacker called JokerStash.
Would access to better information pertaining to encryption help Congress pass good crypto-related laws? That's the impetus behind a "Digital Security Commission" and a related report being hawked by some lawmakers.
Preparing for data breaches - to detect them quickly, respond appropriately and ascertain exactly what happened - can help make the difference between a security incident having major or minor repercussions, says CrowdStrike CEO George Kurtz.
In an interview, Doug Johnson of the American Bankers Association explains why the ABA rejects the Retail Industry Leaders Association's contention that a legislative proposal to hold retailers to the same cybersecurity standards as banks is unfair.
MySpace has confirmed it is resetting millions of accounts affected by the release of 360 million usernames, email addresses and passwords. According to one expert, more of these types of big breach announcements may be coming.
Since California passed its pioneering data breach notification law in 2003, many other states and some countries have followed suit. Here's a closer look at the status of breach notification requirements in four regions.
Troy Hunt, who runs one of the most prominent services for discovering if your data has been exposed in a breach, shares his thoughts on LinkedIn's recent breach and how his approach to disseminating data breach details continues to evolve.
Start preparing immediately for the EU's new General Data Protection Regulation - even though it doesn't go into force for two more years - because it mandates a number of new privacy and security requirements, warns cybersecurity expert Brian Honan.
As Europe counts down to implementing its General Data Protection Regulation, which will require EU-wide data breach notifications for the first time, similar efforts to enact a single federal law in the United States remain stalled.
LinkedIn failed to force all users to reset their passwords after a 2012 breach of at least 6.5 million credentials came to light. But it turns out the breach actually compromised 167 million accounts. Whoops.
Neither Australia nor New Zealand currently has laws on the books requiring organizations to notify people affected by data breaches. But both countries do say they are committed to introducing that requirement.
Ransomware, regulations, botnets, information sharing and policing strategies were just some of the topics that dominated the "International Conference on Big Data in Cyber Security" hosted by Edinburgh Napier University in Scotland.
The theft of $81 million from Bangladesh Bank was "part of a wider and highly adaptive campaign targeting banks," SWIFT warns its 11,000 customers. Investigators say signs point to the same attackers having hacked Sony Pictures Entertainment in 2014.
Close on the heels of the QNB leak, the same attackers have published data that appears to be from UAE-based InvestBank. The dump appears to contain payment card data, as well as a large number of sensitive, internal files relating to the bank's employees and systems.