The U.S. Air Force laid out a list of steps it is taking to better protect and regulate access to classified data in the wake of last summer’s “Discord” breach that exposed to the public hundreds of classified military and intelligence agency documents, according to a Dec. 11 report that details the service branch’s responses to the breach. […]

Verizon sign-min

It’s time for businesses to start people-proofing their systems. According to Verizon’s 16th Annual Data Breach Investigations Report released today, 74 percent of all breaches include the human element through error, privilege misuse, social engineering, or use of stolen credentials. […]

Department of Transportation

The Department of Transportation (DoT) is investigating a data breach affecting administrative systems at the department, an agency spokesperson confirmed to MeriTalk today. […]

cybersecurity

By: Terry Halvorsen, general manager, U.S. Federal Market, IBM The pandemic accelerated digital transformation, amplifying both opportunities and risks. Remote workers, new devices, partners, and integrations open organizations in ways that can radically increase their threat surface, making it less of a question of if a cyber attack will happen, but rather when. Therefore, the […]

A recent review by the Department of Homeland Security (DHS) Office of Inspector General (OIG) found that Customs and Border Patrol (CBP) did not adequately protect sensitive data on an unencrypted device used during its Vehicle Face System pilot—a facial recognition technology pilot. […]

VA

The Federal defense agency responsible for secure communications of national leaders and military operations said Social Security numbers and other personal information may have been compromised in a 2019 data breach. […]

In light of the increasing ubiquity of data breaches, Government Accountability Office (GAO) released a report today recommending that Federal agencies should discontinue knowledge-based verification to strengthen their remote identity proofing processes and that the National Institute of Standards and Technology (NIST) should provide guidance in creating alternative identity proofing methods. […]

U.S. Customs and Border Patrol (CBP) officials confirmed that no more than 100,000 photos of travelers and license plates were compromised in a data breach CBP identified on May 31, according to The New York Times and Washington Post. […]

As the reality of cyber threats and data breaches becomes closer to normal life for private and public sector organizations, a Nominet report finds that while executives know cyber risks are high, they still lack resources and accountability for handling breaches and information security. […]

email security DMARC

The Government Accountability Office (GAO) said that information on the efficacy of identity theft insurance coverage is limited in a report yesterday, adding that it is unnecessary to mandate Federal entities to offer certain levels of identity theft services. […]

Several senators said today that high-profile private-sector data breaches like those disclosed by Equifax in 2017 and Marriott in 2018 serve to boost the urgency with which Congress should act to approve legislation that would implement the country’s first national private-sector cybersecurity regulations and procedures. […]

GSA General Services Administration

The General Services Administration’s Office of Inspector General said in a report issued Oct. 19 that it wants GSA’s IT Office (GSA IT) to provide a revised corrective action plan to improve the agency’s policies for responding to breaches of personally identifiable information (PII). […]

HealthCare.gov CMS

The Department of Health and Human Service’s Center for Medicare and Medicaid Services (CMS) reported a data breach of its HealthCare.gov site, with the attacker accessing the files of about 75,000 people, the agency said in a statement released Friday. […]

Facebook

Facebook said it informed users on Friday the company discovered attackers using a new technique to potentially take over user accounts–putting 50 million accounts at risk and forcing the company to take preventative action on 90 million accounts. […]

EPA Environmental Protection Agency

Conventional wisdom is that it takes a fairly long time to detect a cybersecurity breach. Typically, most research suggests, it takes two to three months, possibly longer. That may not be the case anymore, though, according to a recent report. […]

After the credit monitoring company Equifax announced that it had detected a data breach affecting potentially 143 million U.S. consumers, Rep. Ted Lieu, D-Calif., is calling for a House Judiciary Committee hearing to investigate the breach. […]

Jason Gray, chief information officer of Education, admitted at a House Committee on Oversight and Government Reform hearing that the agency should have informed Congress of the FAFSA breach at the same time it alerted the United States Computer Emergency Readiness Team and the inspector general. […]

Categories