Security news aggregator

Latest coverage for Fine

Stay informed on the latest in information security trends, breaches, and best practices with our expertly curated content on cyber safety.

505 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

A fine is a monetary penalty imposed by a competent authority or court for violating a law, regulation, or legally binding requirement. In information security and privacy, it may follow inadequate safeguards for personal data, unlawful processing, failure to meet required reporting or record-keeping duties, or non-compliance with sector-specific controls. The legal basis, maximum amount, and factors such as severity, duration, negligence, cooperation, and remediation vary by jurisdiction; a fine is generally punitive rather than compensation for affected parties.

For security practitioners, a fine signals that controls and security decisions may be examined as evidence of compliance. Maintain documented risk assessments, access reviews, patching decisions, supplier oversight, logging, and retention practices, especially where they protect regulated data. During an incident, preserve relevant records and establish an accurate timeline for containment, notification, and remediation. Privacy requirements such as data minimization and retention limits can therefore be security controls as well as legal obligations. A fine does not by itself establish that a particular attack or breach occurred.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 505 Filtered view

Investigators Found Months of Unchecked Database Scraping ActivitySouth Korea's privacy regulator fined Coupang a record 624.7 billion won after concluding that weak authentication controls, insider access abuse, evidence destruction and unauthorized data collection contributed to the exposure of personal information belonging to 33.7 million people.

Bank Info Security 1 month, 3 weeks ago

Liberty Mutual Sued Over Alleged Everest Group Data Theft

Incident Comes Months After NYS Fined Liberty Mutual $2M in Other HacksInsurance carrier Liberty Mutual is facing proposed class action litigation filed by policyholders who allege their sensitive information was compromised in an April data theft claimed by cybercrime gang Everest Group. The incident is the company's latest data security related troubles.

Bank Info Security 2 months, 1 week ago

NY Fines Delta Dental $2.25M Over 2023 MOVEit Hack

Investigators Find Violations of State Cyber RegulationsNew York fined Delta Dental $2.25 million for the company's response to the mass exploit of a zero-day vulnerability in Progress Software' MOVEit file transfer application. Delta Dental is one of thousands of organizations caught up in the blast radius of an automated 2023 Memorial Day hack.

Bank Info Security 2 months, 2 weeks ago

Cybersecurity Experts Unimpressed With CISA OT Guidance

Zero Trust Is 'Essential' - But Who Pays for It?New guidance from the U.S. Cybersecurity and Infrastructure Security Agency on adapting zero trust security principles for operational technology is fine as far as it goes, but is pretty high-level and ignores or fudges a couple of key questions, say executives and experts.

Bank Info Security 2 months, 3 weeks ago

Poor Risk Analysis Cost 4 Firms $1.7 Million in HIPAA Fines

HHS OCR Breach Investigators Again Find All-Too-Common Risk Analysis FailuresFaulty or non-existent security risk analyses cost a medical imaging provider, a women's healthcare group, a health plan and a third-party insurance administrator a collective $1.7 million in fines after federal regulators concluded they didn't do enough to prevent ransomware attacks.

Bank Info Security 2 months, 3 weeks ago

Setbacks Cost Healthcare Firms $1.7M in HIPAA Fines

HHS OCR Breach Investigators Again Find All-Too-Common Risk Analysis FailuresFaulty or non-existent security risk analyses cost a medical imaging provider, a women's healthcare group, a health plan and a third-party insurance administrator a collective $1.7 million in fines after federal regulators concluded they didn't do enough to prevent ransomware attacks.

Also: ZachXBT Uncovers DPRK Worker Scam, Hyperbridge Hack, Coinone FineThis week, Operation Atlantic disrupts $45M phishing fraud, ZachXBT uncovers DPRK crypto worker scheme, Hyperbridge exploit, South Korea fines Coinone $3.5M, Kraken faces extortion attempt over insider data leak and American musician loses $420K in fake Ledger app.

Bank Info Security 3 months, 2 weeks ago

State AG Sues Change Healthcare in 2024 Ransomware Attack

Iowa Seeking Civil Monetary Fines, Damages for Alleged ViolationsIowa's state attorney general is seeking financial damages, civil penalties and improvements to UnitedHealth Group's data security practices for alleged violations of state and federal laws and other claims involving the 2024 ransomware attack on its Change Healthcare unit.

Loading more headlines...