Turns out electronic learning products can be bad for children's privacy - and for their parents too. The VTech breach highlights how, despite repeated warnings, too many manufacturers continue to not take security seriously.
Top American and Chinese government officials, meeting this week in Washington, agreed to create a common understanding on cyberthreats and how to respond to them, but the two sides offered different characterizations of the tone of the dialogue.
The breach of Hong Kong toymaker VTech highlights security experts' growing concern over manufacturers selling devices - for enterprises, medical purposes, schools as well as homes and now toy boxes - that don't appear to be secure by design.
The Chinese government concedes the attack on U.S. Office of Personnel Management computers emanated from China, but it contends the culprits were criminals, not individuals working for the Chinese government or military. Some experts in the United States aren't buying the Chinese government's explanation.
Target Corp. has reached a proposed $39.4 million settlement with a group of financial institutions that sued the retailer over fraud losses and expenses suffered as a result of Target's December 2013 data breach.
The security of Internet-connected toys is in the limelight after toymaker VTech acknowledged suffering a data breach that affects 5 million accounts and personal information and photographs relating to more than 200,000 children.
While cyberattacks will continue to menace healthcare and other business sectors next year, organizations can't afford to overlook addressing risks tied to insiders, who are responsible for most data breaches, says Michael Bruemmer of Experian Data Breach Resolution.
Ireland's Cyber Crime Conference in Dublin drew a capacity crowd for a full day of security briefings, networking, hotly contested capture-the-flag and secure-coding challenges, as well as a chance to sharpen one's lock-picking skills.
TalkTalk's confusion in the wake of its recent data breach, as well as mangling of technical details and failure to encrypt customer data, demonstrate the importance of having an incident-response plan ready in advance of any breach, experts say.
The FBI is pursuing a suspected Russian hacker who reportedly amassed a trove of 1.2 billion stolen online credentials, plus payment card data and Social Security numbers, and who's offered access to hacked Facebook and Twitter accounts.
Reversing recent claims that it was unaware of any data breaches, hotel chain Hilton Worldwide now says it suffered a POS malware infection that affected an unspecified number of hotels, customers and payment cards in 2014 and 2015.
The surge in data breaches has left millions of consumer records compromised. As a result, fraudsters have all they need to open bogus accounts, which cost banks huge losses linked to what Greg Shelton of LexisNexis Risk Solutions calls "sleeper fraud."
Too many security awareness and education programs fail because they're boring, says Lance Spitzner, research and community director for the SANS Institute's "Securing the Human" program. Read his suggested fixes.
LabMD's recent victory in its long legal battle with the Federal Trade Commission will be short-lived, the medical testing lab's CEO predicts. Find out why, and what changes Michael Daugherty hopes the case will bring to FTC's enforcement practices.
Starwood Hotels and Resorts has confirmed a point-of-sale breach, but card issuers say they don't believe the Starwood breach is isolated, and that fraud patterns indicate that another, perhaps larger breach, is impacting cards across the country.