Wednesday, March 28, 2012

RockYou to pay FTC $250K after breach of 32M passwords

RockYou, a company that makes games and other applications for use on social networking sites, must pay $250,000 following a settlement with the Federal Trade Commission over a massive 2009 breach. Source: SC Magazine

PwC report highlights senior management complacency about security

Financial services are, not surprisingly, increasingly subject to economic cybercrime. According to a report from PwC, cybercrime is now second only to asset misappropriation as the most popular way of defrauding an organization in the financial services (FS) sector. Source: Infosecurity (USA)

$1.5M Fine Marks A New Era In HITECH Enforcement

Data breach at BlueCross BlueShield of Tennessee, and subsequent penalty, stands as example of financial fallout from poor healthcare IT security practices. Source: Dark Reading

Wednesday, March 14, 2012

HHS fines Blue Cross of Tennessee for theft of 57 hard drives

The US Department of Health and Human Services (HHS) is fining Blue Cross Blue Shield of Tennessee $1.5 million related to the 2009 theft of 57 unencrypted computer hard drives containing protected health information on over one million patients. Source: Infosecurity

ISSA releases SME data security standard guidance

The Information Systems Security Association (ISSA) has released the first in a series of guidance documents to accompany a new information security standard for small and medium-sized enterprises (SMEs). Source: Infosecurity

Monday, March 5, 2012

New Verizon Breach Data Shows Outside Threat Dominated 2011

Preview of Verizon Business' data breach cases shows malware and hacking the top breach methods. Source: Dark Reading

McCain, other Republican senators unveil alternative cybersecurity bill

Fulfilling a pledge made last week, Sen. John McCain (R-Ariz.) and seven of his Republican colleagues in the Senate introduced on Thursday a cybersecurity bill that takes a less regulatory approach to strengthening US cybersecurity than the Cybersecurity Act introduced last month. Source: Infosecurity (USA)