Security news aggregator

Latest coverage for Incident

Incident coverage examines breaches, outages, and response failures to explain how security events affect systems, data, and organizations.

6 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

An incident is a suspected or confirmed event that threatens the confidentiality, integrity, or availability of information or systems, or violates a security policy. Examples include unauthorized access, malware execution, exposed credentials, data loss, and disruptive attacks. Not every alert is an incident: triage determines whether an event is credible, its scope, and the assets or data involved.

Incident handling requires timely detection, analysis, containment, eradication, and recovery. Practitioners must preserve relevant evidence, identify affected accounts and systems, assess whether data was accessed or altered, and prevent recurrence. Clear escalation and documentation support privacy or regulatory notifications when applicable. Findings should feed security improvements such as closing exploited vulnerabilities, strengthening access controls, and updating detection and response procedures.

Showing 6 most recent headlines Filtered view
Bank Info Security 2 years, 2 months ago

Health Plan Services Firm Notifying 2.4 Million of PHI Theft

Data Stolen Over a Year Ago, But WebTPA Didn’t Discover Hack Until DecemberA Texas-based firm that provides health plan administration services is notifying more than 2.4 million individuals of a hacking incident and data theft that happened more than a year ago. Why did it take WebTPA so long to report that a breach occurred?

Bank Info Security 2 years, 2 months ago

US SEC Approves Wall Street Data Breach Reporting Regs

Covered Financial Institutions Have 30 Days to Notify Customers of Data BreachesThe Securities and Exchange Commission unanimously approved updated regulations for covered financial institutions requiring entities such as fund companies and investment advisers to notify customers within 30 days of a cyber incident that compromised their data.