The geneology service MyHeritage says a security researcher found 92 million email addresses and hashed passwords for its users on a private external server. The company, however, says there's no evidence of abnormal account activity or indications family trees or DNA results were affected.
When it comes to fraud, enterprise data has a story to tell, and it's up to security and fraud leaders to know how to interpret that story. Jim Apger of Splunk discusses reading and reacting to these stories.
The annual Infosecurity Europe conference returns to London this week, with a focus on the latest cybersecurity trends and essential practices for organizations. Hot topics range from artificial intelligence and breach response to GDPR and battling cybercriminals and nation-states.
A lawsuit seeking class action status has been filed in the aftermath of a data breach impacting 150 million users of Under Armour's MyFitnessPal mobile application and website. But the apparel maker has asked the court to compel arbitration of the case.
Hackers have reportedly demanded a ransom from Bank of Montreal and Simplii Financial in exchange for not dumping 90,000 customers' account details on a fraud forum. The FBI says online extortion and ransomware remain the top two types of cybercrime it's seeing today.
Large data breaches make headlines, trigger stock price slips and often lead to executives getting fired. But security consultant Eric Pinkerton's study of breached businesses - including Ashley Madison, Equifax and Uber - finds that many organizations not only recover from breaches, but end up thriving.
Leading the latest edition of the ISMG Security Report: Cybersecurity expert Brian Honan provides insights on why organizations that are not yet compliant with GDPR need to focus on several key steps. Also: An assessment of the progress women are making in building careers in information security.
Two of Canada's biggest banks are investigating claims by "fraudsters" that they accessed their customers' data. At risk: 50,000 Bank of Montreal customers and 40,000 Simplii Financial customers. Both banks say they've alerted potentially affected customers and plan to cover any losses.
Canadian citizen Karim Baratov has been sentenced to serve five years in U.S. federal prison after he admitted to hacking and identity theft charges connected to his working as "hacker for hire" for alleged Russian FSB officers, who have been tied to a massive 2014 breach of Yahoo.
What happens if organizations that must comply with GDPR have yet to achieve compliance, despite having had two years to do so before enforcement began? Don't panic, says cybersecurity expert Brian Honan, but do be pursuing a data privacy transparency and accountability action plan.
Leading the latest edition of the ISMG Security Report: Reports on the impact enforcement of the EU's General Data Protection Regulation, which began Friday, will have on the healthcare and banking sectors. Plus an assessment of GDPR compliance issues in Australia, which offer lessons to others worldwide.
To judge by the flood of GDPR-themed email hitting inboxes, Europe's privacy law has been designed to ensure that you say "yes" to companies that monetize the buying and selling of your personal details, regardless of whether you remember ever having done business with them before.
Researchers have discovered two new Spectre/Meltdown variants: variant 3a, a rogue system register read, and variant 4, a speculative store bypass. Some AMD, ARM, Intel and IBM Power chips have the flaws, which attackers could exploit to steal sensitive data. Some fixes have already been shipped.
The EU's General Data Protection Regulation, which will be enforced beginning May 25, has significant implications for how financial institutions worldwide handle customer data, says Brett King, CEO of Moven, an all-digital bank, who sizes up the challenges.