Nearly 7.9 million Americans were affected by almost 30,800 health information breaches between September 2009, when a federal healthcare breach notification rule took effect, and the end of 2010, according to a new report to Congress.
"Everyone from the Fed down knew about this and chose to let it go," says mortgage fraud expert L.T. Lafferty. "As a result of that regulatory complacency, the market continues to be plagued with fraudulent activity."
Three Seattle area men have been arrested for their alleged involvement in separate ATM skimming schemes that drained more than half a million dollars from retail customer accounts in at least six states.
"Our proposal would give judges the authority they need to adequately punish serious offenders and to make these penalties commensurate with the same type of conduct occurring offline," Associate Deputy Attorney General James Baker tells Congress.
The Treasury Department's Office of Terrorism and Financial Intelligence has worked to prevent anti-money laundering and illegal cash flow from reaching the hands of terrorist groups, but more needs to be done to further mitigate risks, says Treasury Assistant Secretary Daniel L. Glaser.
"What banks need to be aware of is that much of this fraud is occurring on the consumer and business-customer side, and not all of them will invest in technology that catches these attacks," says Phil Blank of Javelin Strategy & Research.
Providing HIPAA compliance auditors with complete documentation of every aspect of your privacy and security strategy, along with evidence of corrective action taken to mitigate risks, is essential, says consultant Cliff Baker.
Philip Reitinger's appointment as Sony's first chief information security officer comes more than four months after a massive breach of Sony's PlayStation gaming system that exposed the personal identifiable information of some 77 million customers.
New York State Office of Cybersecurity Director Tom Smith says an information asset classification policy implemented by his office is helping agencies identify their critical data and apply appropriate controls to protect it.
A new California law requires that organizations experiencing a data breach provide more detailed information to the individuals affected. The law, which covers breaches involving financial, healthcare and other personal information, goes into effect Jan. 1.
In an ironic twist, a new phishing scheme, purporting to be from the Federal Deposit Insurance Corp., actually claims to offer assistance with ACH and wire fraud, but instead delivers malware that could enable fraud.