Cybersecurity News

RSS

Retailer Neiman Marcus said that thieves stole some of its customers' payment card information and made unauthorized charges over the holiday season.

Ginger Reeder, spokeswoman for Dallas-based Neiman Marcus Group Ltd., said in an email that the retailer had been notified in mid-December by its credit card processor about potentially unauthorized payment activity following customer purchases at stores, said AP. On Jan. 1, a forensics firm confirmed evidence that the upscale retailer was a victim of a criminal cyber-security intrusion and that some customers' credit and debit cards were possibly compromised as a result, said AP.

Reeder wouldn't estimate how many customers may be affected but said the merchant is notifying customers whose cards it now knows were used fraudulently. Neiman Marcus, which operates more than 40 upscale stores and clearance stores, is working with the Secret Service on the breach, said AP.

"We have begun to contain the intrusion and have taken significant steps to further enhance information security," Reeder wrote.

Citing the Target data breach, Senator Leahy of Vermont reintroduced the Personal Data Privacy and Security Act, which would "establish a national standard for data breach notification, and require American businesses that collect and store consumers’ sensitive personal information to safeguard that information from cyber threats."

Target announced that its data breach last year affected 70 million compared to the original number of 30 million.

A California escrow firm that was forced out of business last year after a $1.5 million cyberheist is now suing its former bank to recoup the lost funds.

A new study shows senior managers account for some of the greatest security risks because they are prone to take work, and thus security vulnerabilities, home with them.

A Utah law firm has filed a class action lawsuit against Target, alleging the retailer owes no less than $5 million in damages for its recent data breach.

Defense officials see cyberattacks as the greatest threat to U.S. national security, a survey released Monday says. Forty-five percent of respondents to the Defense News Leadership Poll named a cyberattack as the single greatest threat – nearly 20 percentage points above the second ranked threat: terrorism.

The Chief Information Security Officer (CISO) not only protects IT systems with special hardware, software and secure business processes, but he or she also creates, implements and communicates the organization’s digital information security policies and procedures.

Small business doesn’t necessarily mean small data. In fact, according to Michael Bruemmer, vice president at Experian Data Breach Resolution, thieves prefer to target small- to medium­–sized businesses (SMBs) because many lack the resources or expertise to manage cybersecurity. Retailers are especially easy targets for cybercriminals who look to hijack credit card data, but customers aren’t the only victims.

Let’s start with the good news. Malicious insider activity is relatively rare. Unfortunately, even though outsiders account for 85 percent of cybersecurity incidents, the damage often is substantially greater when an insider strikes.