Patrick Ouellette reports: Following months of feedback and different tweaks, the National Institutes of Standards and Technology (NIST) has finally issued its voluntary cybersecurity framework. The release completes the year-long NIST public-private effort and a key part of the Executive Order on “Improving Critical Infrastructure Cybersecurity” that President Obama announced in the 2013 State of the Union….
MI: Dental patients' information stolen, misused after employee invites some friends to the office after hours
Steve VanBergen reports: A full prescription fraud investigation is taking shape after a dentist office employee invited people to the office after hours, resulting in stolen information. Police say patients’ credit card information may also be compromised. The incident happened on Tuesday at a dental office in Antwerp Township, according to the Van Buren County…
South Korea regulator reaffirms harsher measures against card firms over data leak
Yonhap News reports that in addition to some stiff penalties imposed by its financial regulator on credit card firms who suffered data leaks, the government continues to look at ways to strengthen the protection of private data: In a report to the parliament, FSC chairman Shin Je-yun said the regulator plans to suspend the card…
Employees’ personal information compromised in Las Vegas Sands hacking (Updated)
Christopher Palmeri reports: Las Vegas Sands Corp. (LVS), the world’s largest casino operator, was attacked by hackers who defaced at least one company website and posted personal information about employees. The unidentified intruders temporarily took over the home page of the Sands Casino Resort in Bethlehem, Pennsylvania, posting statements criticizing Chairman and Chief Executive Officer Sheldon…
UK: South Yorkshire police admit 70 data breaches
Police chiefs in South Yorkshire have defended the force’s record for abiding by the Data Protection Act – despite admitting officers and staff have breached the rules on 70 occasions. Forces across the country have released details, under the Freedom of Information Act, of how many times data breaches occurred during a four year period….
Email Attack on Vendor Set Up Breach at Target
Brian Krebs reports: The breach at Target Corp. that exposed credit card and personal data on more than 110 million consumers appears to have begun with a malware-laced email phishing attack sent to employees at an HVAC firm that did business with the nationwide retailer, according to sources close to the investigation. Read more on KrebsOnSecurity.com