As you read the following press release, note that they do not tell us when they first discovered that there might have been a security breach or incident. Nor do they tell us how they first discovered it. And what’s with this “out of an abundance of caution” claim? If you can’t figure out what…
Category: Financial Sector
SEC’s breach notification proposal one step closer to a final vote
Tonya Riley reports: The Securities and Exchange Commission voted Wednesday 3-1 to approve a recommendation for tighter mandatory cybersecurity requirements for financial institutions. The proposed rule will now open to public comment before a final vote. “The proposed rules and amendments are designed to enhance cybersecurity preparedness and could improve investor confidence in the resiliency of advisers…
The high cost of mishandling data breaches, security reporting for financial services
Karen Hoffman reminds readers of the costs of poor security, reporting, in part: Last month, the U.S. Securities and Exchange Commission (SEC) fined Chase $125 million due to employees’ insecure practices, namely using WhatsApp and personal email accounts to transact official business, thus not adhering to SEC record-keeping requirements. Additionally, under a separate enforcement action,…
Br: Acesso Soluções de Pagamento customers had Pix key data leaked
Abhishek Pratap reports: The Central Bank (BC) reported this Friday (21) that about 160,100 customers of Acesso Soluções de Pagamento had Pix key data leaked. It is not the first time that BC has reported data leakage. Since the launch of the instant payments system in November 2020, this is the second time. The institution…
Data theft at Desjardins: the ex-employee wanted “no media coverage”
Natasha Kumar reports: Documents made public by the court on Monday at the request of the media reveal new details about the intentions of the ex-Desjardins employee unmasked by the financial institution in the spring of 2019. […] During this meeting, Sébastien Boulanger-Dorval implored to obtain unemployment and not to have criminal charges as well…
FTC Finalizes Order with Mortgage Analytics Firm, Requiring it to Strengthen Security Safeguards, Increase Oversight of Vendors
In December, 2020, the FTC announced a proposed settlement with Texas-based Ascension Data & Analytics after a security breach involving one of its vendors resulted in the exposure of, and unauthorized access to, consumers’ mortgage applications. One year later, the settlement received final approval, as the FTC announced on December 22: The Federal Trade Commission…