As a result of the state’s review of the file loss, the hospital is forced to pay a $750,000 settlement. However, the true total is $475,000, which is the balance due based on the hospital’s pre-existing investment of $275,000 in technology, particularly data-handling upgrades. The remaining balance will go to enforcement payments ($250,000) and a data-security education fund ($225,000).
Google has announced that its Google Apps for Business has earned the international security standard ISO 27001 certification following a nine-month auditing process.
Corporations are starting to embrace technologies used to monitor employee Internet use, with 60 percent expected to watch workers social media use for security breaches by 2015, according to a new report from Gartner
It maintains information about people who share the same phone number or address, “non-obvious” relationships between individuals, loans for dental work, magazine subscriptions, rental history, real estate assets, investment wealth, retail purchasing, the type of federal tax return someone files, marital status, employment, utility payments, cable TV accounts, criminal records, debt-to-income ratios, changes of address, motor vehicle files, post office boxes, inferences about someone’s capacity to pay bills, predictions about someone’s propensity to pay, links to past and potential fraud crimes–and more
In retaliation against Internet Service Providers (ISPs) blocking some video-sharing and torrent websites like The Pirate Bay under Indian court orders, Anonymous, the “hacktivist” organization, today took down the websites of the ruling Congress Party and the Supreme Court of India.
Channel partners honing their compliance skills will soon be able to add one more to their portfolio with the launch of a new Payment Card Industry Security Standards Council certification program specifically targeting integrators and resellers.
Several healthcare associations are questioning another provision that would require hospitals and physician groups to conduct a security risk analysis that includes “addressing the encryption/security of data at rest.”
The latest PCI compliance stats—out this week—show trivial changes from the prior report, with Level 2 and Level 3 retailers slightly increasing compliance. Level 2 went from 91 percent at the end of December 2011 to 92 percent as of March 31, 2012, and Level 3 also increased by 1 percent, from 58 percent to 59 percent. The largest chains, the Level 1s (processing more than 6 million Visa transactions annually), stayed exactly the same, at 98 percent.
There is now an ongoing and massive cyberattack targeting the American gas-pipeline industry, aimed at giving the attacker a way to gather sensitive information by compromising business systems and possibly even subverting industrial control systems
The hacker who stole Facebook’s source code has gone public with a deeper explanation of how he penetrated the world’s most popular social network.