The National Institute of Standards and Technology (NIST) has proposed ending some password requirements. The changes include barring periodic password changes, not requiring the use of specific characters, and stopping the use of security questions. All organisations interacting with the federal government are required to comply with the Digital Identity Guidelines. Critics have argued against password rules that do more harm than good for a while now. NIST is accepting inputs on the guidelines till 7 October.
Change Healthcare Attack Cost Estimate Reaches Nearly $2.9B
UnitedHealth Group (UHG) has raised its estimates to nearly $2.9 billion for the total cost of the cyberattack on its Change Healthcare IT services unit.