Friday, March 10, 2017
A data breach (like a diamond) is forever! Or at least a long, long time.
Jeff John Roberts reports:
Home Depot has taken another step to move on from its colossal 2014 data breach, which involved hackers stealing email or credit card information from more than 50 million customers by infiltrating self check-out terminals.
In a new settlement with dozens of banks, the retailer has agreed to pay $25 million for damages they incurred as a result of the breach, one of the biggest in history.
The settlement, filed this week in federal court in Atlanta, also requires Home Depot to tighten its cyber-security practices and to subject its vendors to more scrutiny—a measure tied to the fact that a security flaw by a third-party payment processor made the hacked self-checkout terminals vulnerable.
Read more on Fortune.
It’s hard to convince my Computer Security students that studies like this are correct.
Study: Healthcare Organizations Are Top Targets for Hackers – 68% Have Compromised Email Credentials
Presser, but has some interesting findings:
Evolve IP, The Cloud Services Company™, today released the results of a study of Dark Web email vulnerabilities in the healthcare industry. The research, conducted in a collaboration between Evolve IP and ID Agent, reveals the pervasive nature of email-based cybersecurity attacks and sheds light on the quantity, variety, sources and consistent growth of these threats.
Healthcare IT leaders place a high priority on preventing breaches, but despite their best efforts, hackers often break through the organization’s weakest link – end user email credentials. The study, which included an analysis of 1,000 healthcare organizations, illustrates the need for proactive threat monitoring coupled with near real-time disaster recovery solutions to prevent employee email liabilities from becoming major catastrophes.