Security experts remain puzzled how hackers orchestrated their compromise of a Virginia state health care website.

The former IT director at the Houston-based LifeGift Organ Donation Center has pleaded guilty to charges she illegally accessed the organization's network to delete data, according to a U.S. Department of Justice news release on Thursday. Danielle Duann, 51, remotely accessed the network from her home, two days after she was fired in November 2005. She deleted a number of files, applications and backups related to LifeGift's organ and tissue procurement operation, causing $94,200 in damage. She is scheduled to be sentenced in July and faces up to 10 years in prison. — DK

Reports of swine flu in Mexico and the United States has caused an outbreak of its own on the internet, with reports of a precipitous rise in spam and rogue internet sites being created to reference the hot news item.

Despite the financial crisis, companies are still putting forth money for IT security efforts while overall IT spending is less of a priority, according to a new survey conducted by strategy and business advisory firm MetroSITE Group, and Pacific Crest Securities, a technology investment bank.

In a recent assessment, organizations had an average of 156 applications traversing their networks -- some of which pose a danger to the organization.

In 2009, virtually all health care providers take credit cards - and virtually none of them are PCI compliant.

Now that that the stimulus package has passed, health care information security moves from an objection to a requirement. There is growing acceptance that, like it or not, electronic medical records will play a more important role in health-care service delivery.

Some employees are taking advantage of access policy gaps without realizing they are breaking privacy laws.

A pharmacist wholesaler in Austria modernized its distribution systems and found protection for its network.