The New York Attorney General's settlement with taxi-hailing platform Uber - over alleged customer data privacy violations and a delayed data breach notification - provides a best practice security template for any organization that handles customer data.
A judge has dismissed a class-action lawsuit against Michaels, filed after the retailer warned that POS malware-wielding attackers had successfully stolen details of an estimated 2.6 million payment cards. But the ruling isn't a surprise - here's why.
Hyatt warns that it's the latest hotel chain to fall victim to POS malware. It's offered scant breach-related details, but lots of bromides about taking payment card security seriously and urging customers to keep paying by card.
Europe looks set to pass sweeping new data protection rules, which would give consumers more control over how their personal information gets used and require organizations to notify authorities whenever they suffer a data breach.
Turns out electronic learning products can be bad for children's privacy - and for their parents too. The VTech breach highlights how, despite repeated warnings, too many manufacturers continue to not take security seriously.
The security of Internet-connected toys is in the limelight after toymaker VTech acknowledged suffering a data breach that affects 5 million accounts and personal information and photographs relating to more than 200,000 children.
Ireland's Cyber Crime Conference in Dublin drew a capacity crowd for a full day of security briefings, networking, hotly contested capture-the-flag and secure-coding challenges, as well as a chance to sharpen one's lock-picking skills.
Despite near-constant warnings from law enforcement officials and the information security community, too many organizations still aren't taking security seriously, experts warned at the Irish Cyber Crime Conference in Dublin.
British police have arrested a third suspect in connection with the hack attack against telecommunications provider TalkTalk. Separately, Vodafone UK also issued an alert of a breach, which it traced to reused passwords.
A third data breach affecting TalkTalk has prompted sharp questions from U.K. public officials about whether stronger breach notification laws and breach-related penalties might help prevent more such incidents from occurring.
Financial services firm E*Trade and publisher Dow Jones are separately warning their customers and subscribers that their personal information - and in some cases, payment card data - may have been compromised in a cyberattack campaign.
Credit-rating provider Experian says a hack attack compromised a server storing sensitive personal information on millions of T-Mobile customers, including those requiring credit checks for service or device financing.
The hotel chain bearing 2016 U.S. presidential candidate Donald Trump's name has confirmed that its point-of-sale systems were malware-infected for more than a year, but it's downplaying the possibility that card data was exfiltrated or used to commit fraud.
The severity of the U.S. Office of Personnel Management breach continues to grow, with investigators now reporting that hackers stolen 5.6 million people's fingerprint data. The theft may have security implications well into the future.
Security experts trace many of the world's cybercrime attacks to Russia. But Russian authorities never extradite suspects, and they allow hackers to operate with impunity - if they play by some ground rules.