Conor Brian Fitzpatrick (aka “Pompompurin” of Breached.vc) isn’t the only person to have their sentence vacated and remanded for re-sentencing this year. Paige Thompson, who was responsible for the massive Capital One hack in 2019, will also be re-sentenced. Eugene Volokh writes: A short excerpt from the 9,000-word U.S. v. Thompson, decided yesterday by Ninth Circuit Judge…
Category: Financial Sector
Australia Sues FIIG Investment Firm in Cyber ‘Wake-Up Call’
Jayant Chakravarti reports: The Australian financial regulator has filed a lawsuit against FIIG Securities, accusing the leading investment and financing company of lacking adequate cybersecurity controls to stop a threat actor from stealing confidential personal information of 18,000 customers. The Australian Securities and Investments Commission said it decided to sue Brisbane-headquartered FIIG Securities in Federal Court after…
Uganda court charges senior finance officials with corruption over central bank hacking
Susmita Chaulagain reports: A Ugandan court on Wednesday charged nine senior officials from the Ministry of Finance, Planning, and Economic Development over their alleged involvement in corruption, electronic fraud, and money laundering in connection with a hacking incident that led to a financial loss of at least $21 million from the country’s central bank. The hacking occurred last year…
KuCoin Agrees to $297 Million Settlement Over Regulatory Breach
Jimi Aki reports: KuCoin, a major cryptocurrency exchange, has been hit with a $297 million settlement after admitting to a regulatory breach in the United States. The settlement includes a criminal fine of $112.9 million and a forfeiture of $184.5 million, and KuCoin will be required to exit the U.S. market for at least two…
PayPal to pay NYS $2M for violating DFS’s Cybersecurity Regulation
January 23, 2025 New York State Department of Financial Services Superintendent Adrienne A. Harris today announced that PayPal, Inc. (PayPal) will pay a $2 million penalty to New York State for violations of DFS’s Cybersecurity Regulation. An investigation determined PayPal failed to use qualified personnel to manage key cybersecurity functions and failed to provide adequate training…
Securities and Exchange Commission Settles Charges Against Flagstar for Misleading Investors About Citrix Data Breach
ADMINISTRATIVE PROCEEDING File No. 3-22360 December 16, 2024 – The Securities and Exchange Commission today filed settled charges against Flagstar Bancorp, Inc. (now known as “Flagstar Financial, Inc.”), for making materially misleading statements regarding a cybersecurity attack on Flagstar’s network in late 2021 (the “Citrix Breach”). The SEC’s order finds that Flagstar negligently made materially misleading…