Chain IQ said it and 19 other companies had been the target of a cyber-attack resulting in a data leak that was published online on the darknet. CNA reports: Swiss bank UBS on Wednesday said it had suffered a data leak due to a cyber attack against one of its providers, but that no client…
Category: Financial Sector
Slapped wrists for Financial Conduct Authority staff who emailed work data home
How many warnings would you give employees not to send work to their personal email accounts? And why hasn’t a government agency deployed a software solution to prevent such transmissions? Connor Jones reports: Four staffers at the UK’s Financial Conduct Authority (FCA) were let off with warnings over separate cases involving the transmission of regulator…
North Dakota Enacts Financial Data Security and Data Breach Notification Requirements
Hunton Andrews Kurth writes: On April 11, 2025, the North Dakota governor signed H.B. 1127 (the “Act”), which establishes new data security measures and breach notification obligations for financial corporations. Covered entities include those that are regulated by the North Dakota Department of Financial Institutions and exclude financial institutions, such as banks, and credit unions. Key requirements,…
North Dakota Expands Data Security Requirements and Issues New Licensing Requirements for Brokers
A.J. S. Dhaliwal, Mehul N. Madia, and Beineng Zhang of SheppardMullin write: On April 11, North Dakota enacted HB 1127, overhauling its regulatory framework for financial institutions and nonbank financial service providers. The law amends multiple chapters of the North Dakota Century Code and creates a new data security mandate for financial corporations—a category that includes non-depository entities regulated…
The PIPC Sanctions Woori Card for Data Breaches, Imposing KRW 13.45 billion
The Personal Information Protection Commission (PIPC) held its seventh plenary meeting of 2025 and reached a decision to sanction Woori Card Co., Ltd. (Woori Card) for data breaches on March 26, 2025. Administrative sanctions by the PIPC are as follows: A penalty for violations (Gwajingguem) of KRW 13.45 billion; A publication order of sanction results…
Ninth Circuit Reverses Probation Sentence for Paige Thompson
Conor Brian Fitzpatrick (aka “Pompompurin” of Breached.vc) isn’t the only person to have their sentence vacated and remanded for re-sentencing this year. Paige Thompson, who was responsible for the massive Capital One hack in 2019, will also be re-sentenced. Eugene Volokh writes: A short excerpt from the 9,000-word U.S. v. Thompson, decided yesterday by Ninth Circuit Judge…