Hackers claimed to have stolen internal data from Apple supplier Foxconn, and leaked the information online, in response to media reports of poor working conditions at the electronics manufacturer's factories in China.

An in-depth study of data-breach problems last year where hackers infiltrated 312 businesses to grab gobs of mainly customer payment-card information found the primary way they got in was through third-party vendor remote-access applications or VPN for systems maintenance.

The Department of Justice today said a man who sent malicious code to Marriott International Corporation, threatening to reveal confidential information taken from the company's computers if Marriott did not offer him a job, has been sent to prison for his criminal endeavor.

A VeriSign filing with the Securities and Exchange Commission reveals that the company suffered more than one data breach in 2010, raising questions about how secure the company's products are and what customers should do about it.

IT professionals believe that assessing the potential harm caused by data breaches is more useful to mitigating the effects of such incidents than notifying affected individuals, according to a survey published on the day the European Union's proposed a 24-hour deadline for data breach disclosures.

A proposed new data-protection law for the European Union includes fines of up to two percent of global turnover for companies that breach the rules, E.U. Justice Commissioner Viviane Reding announced Wednesday.

In acknowledging a data breach in which information related to as many as 24 million customers was stolen, online shoe and clothing retailer Zappos has taken assertive steps, including compelling customers to change passwords, plus temporarily foregoing 800-number phone service in an effort to redeploy customer-service representatives to respond to customer email.

A member of the Anonymous hacktivist collective has published a list of Internet-facing Israeli SCADA (supervisory control and data acquisition) systems and alleged log-in details.

Security experts say it all the time: If a company thinks it has suffered a data security breach, the key to getting at the truth unscathed is to have a response plan in place for what needs to be done and who needs to be in charge of certain tasks. And, as SANS Institute instructor Lenny Zeltser advised in CSOonline's recent How to Respond to an Unexpected IT Security Incident article, "ask lots and lots of questions" before making rash decisions.

Obama's appointment of Vivek Kundra marks an important first step for rectifying the nation's concerns about IT.

Think you can guess the No. 1 threat to the security of your stored data? If you said hackers, or even trouble-making insiders, you'd be wrong. While malicious threats are an ongoing concern, it's your well-meaning employees who are more likely to unknowingly expose your company's stored data through, say, a file-sharing network or a misplaced laptop.