Intelligence Hearing Focuses on Need for Federal Breach Notification Law, Fixing 'Blind Spots'The SolarWinds supply chain attack that led to follow-on attacks on nine government agencies and 100 companies points to the need for a federal law requiring prompt breach notification, several senators said at a Wednesday hearing.

Pets, Sports Teams, Notable Dates and Family Member Names Predominate, Experts WarnLoving your pet and creating tough-to-crack passwords should remain two distinctly separate activities. Unfortunately, Britain's National Cyber Security Center reports that more than 1 in 6 Brits admit to using the name of a pet as their password. And the problem is global.

Social Network Attempts 'Not Hacking' Spin on Theft of 533 Million Users' DetailsFacebook has been attempting to dismiss the appearance of a massive trove of user data by claiming it wasn't hacked, but scraped. No matter how the theft is characterized, 533 million users have just learned that their nonpublic profile details were stolen and sold to fraudsters.

4 Dutch and Nigerian Suspects Accused of Scamming German Health AuthorityInterpol says Dutch and Nigerian suspects created a cloned version of a legitimate personal protective equipment provider's website to trick a German health authority seeking face masks. The case is a reminder that a "sophisticated" scheme need not require extreme technical sophistication to succeed.

The latest edition of the ISMG Security Report features an analysis of retailer Fat Face’s awkward "strictly private and confidential" data breach notification. Also featured: Discussions on the ethics of buying leaked data and the rise of central bank digital currencies.

Andy Purdy, the chief security officer for Huawei Technologies USA who formerly worked on the White House staff and in the Department of Homeland Security, discusses cybersecurity best practices.