Google says a buggy API update it pushed last month for its soon-to-be-mothballed Google+ social network exposed personal information for 52.2 million users. The data-exposure alert arrives just two months after Google admitted that a March problem with the same API exposed data for 500,000 users.
Marriott's mega-breach underscores the challenges companies face in securing systems that come from acquisitions as well as simply storing too much consumer data for too long, computer security experts say. Meanwhile, the hotel giant has yet to answer many pressing data breach questions.
The Pentagon is warning that a data breach at a third-party travel management service provider exposed records for an estimated 30,000 civilian and military personnel. The breach alert follows a recent GAO report warning of serious cybersecurity shortcomings in U.S. weapon systems.
In harmony with a wave of global privacy and security legislation, Canada has its own new breach notification requirements going into effect on Nov. 1. Attorney Ruth Promislow says these standards will force organizations to shift from a reactive to a proactive approach to incident response.
Credit bureau Equifax has been hit with the maximum possible fine under U.K. law for "multiple failures" that contributed to its massive 2017 data breach, including its failure to act on a critical vulnerability alert issued by the U.S. Department of Homeland Security.
November 1 ushers in a whole new era of breach notification requirements for Canada. What are the new standards, and how prepared are Canadian organizations? Attorney Imran Ahmad shares insights.
2018 has been an important year in Canada from a cybersecurity and privacy standpoint. The introduction of Canada's new National Cybersecurity Strategy in June of this year along with the upcoming mandatory breach notification requirements effective November 1, 2018 are just the tip of the iceberg. In a complex world...
Air Canada is forcing 1.7 million mobile app account users to reset their passwords after it detected unusual login behavior that it says may have exposed 20,000 accounts, including passport information. But the company is enforcing password complexity rules that experts advise against.
U.K. health and beauty retailer Superdrug Stores is warning customers that attackers may have compromised some of their personal information, apparently because they'd reused their credentials on other sites that were hacked. While Superdrug quickly notified victims, it stumbled in three notable ways.
Singapore's largest healthcare group has suffered a hack attack that exposed 1.5 million residents' personal details. But authorities say the "deliberate, targeted and well-planned attack" appears to have been principally designed to steal medical information pertaining to the country's prime minister.
The hacking of an email account of a medical clinic employee during travels overseas demonstrates the risks posed to data when workers travel. Security experts offer insights on mitigating those risks.
Timehop, the social media app that resurfaces older social media posts for entertainment, says its ongoing investigation has revealed that an attacker may have compromised more personal information than it previously suspected over the course of a breach that lasted at least seven months.
Ticketmaster is warning customers that it suffered a data breach after an attacker modified its third-party chatbot software to steal customers' payment card details. Software provider Inbenta Technologies says Ticketmaster should never have been running the JavaScript software on a payments page.
Helping victims know their passwords have been exposed in a data breach is half the battle in the fight to improve password security. To help, Mozilla and 1Password are integrating into their products a feature from the popular "Have I Been Pwned" breach notification service.
Human resources software developer PageUp says it doesn't appear that personal data exposed in a malware attack was actually removed from its systems. But it has also found authentication error logs that recorded incorrect login attempts from before 2007.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.
