Sergiu Gatlan reports: US federal bank regulatory agencies have approved a new rule ordering banks to notify their primary federal regulators of significant computer-security incidents within 36 hours. Banks are only required to report major cyberattacks if they have or will likely impact their operations, the ability to deliver banking products and services, or the…
Category: Financial Sector
Robinhood Security Breach Exposes Data on Millions of Users
Annie Massa reports: Robinhood Markets Inc. said personal information of about 7 million people — or roughly a third of its customers — was compromised in a data breach last week and that the culprit demanded payment. The intruder obtained email addresses of about 5 million people as well as full names for a separate group…
Attorney General James Directs Unregistered Crypto Lending Platforms to Cease Operations In New York, Announces Additional Investigations
NEW YORK – New York Attorney General Letitia James today announced new efforts she is taking to protect New York investors, and the trading markets more generally, from exploitation by high-risk virtual currency schemes. Virtual or “crypto” currency lending platforms are essentially interest-bearing accounts that offer investors a rate of return on virtual currencies that…
Cyberattack shuts down Ecuador’s largest bank, Banco Pichincha
Lawrence Abrams reports: Ecuador’s largest private bank Banco Pichincha has suffered a cyberattack that disrupted operations and taken the ATM and online banking portal offline. The cyberattack occurred over the weekend, causing the bank to shut down portions of their network to prevent the attack’s spread to other systems. Read more on BleepingComputer.
Barclays Hacked by Cyberthieves Using Monzo Account, PISP
PYMNTS reports: Millions of pounds were swiped from Barclays accounts in a series of coordinated cyberattacks by a fraudster using a Monzo account and a payments initiation service provider (PISP), The Telegraph reported. PISPs are a newer concept, introduced by the revised European Payment Services Directive (PSD2), and give retail customers the ability to pay companies directly…
Millions of South Africans caught up in security incident after debt recovery firm suffers ‘significant data breach’
Jessica Haworth has more details on a breach previously reported on this site. More than a million South African citizens have potentially had their personal data exposed after a ransomware attack at a debt recovery services firm. The company in question, Debt-IN Consultants, confirmed this week (September 22) that it had been the victim of a cyber-attack which resulted in a…