The Office of Inadequate Security
ADMINISTRATIVE PROCEEDING File No. 3-22360 December 16, 2024 – The Securities and Exchange Commission today filed settled charges against Flagstar Bancorp, Inc. (now known as “Flagstar Financial, Inc.”), for making materially misleading statements regarding a cybersecurity attack on Flagstar’s network in late 2021 (the “Citrix Breach”). The SEC’s order finds that Flagstar negligently made materially misleading…
Sarah McKenna Barry reports: The Dutch Central Bank has issued an unprecedented warning to the public to keep cash at home due to the risk of cyberattacks from Russia. Officials are concerned that cyberattacks have the potential to cause massive disruption to digital banking systems and want citizens to have some cash on them as an insurance…
The Irish Times reports: A cyber attack targeting acquisition and credit servicing firm Cabot involved theft of some 394,000 data files, including material related to its direct customers and its loan book, the High Court has heard. Cabot Financial (Ireland) Ltd, Cookstown Court, Old Belgard Road, Tallaght, Dublin, claims there are “persons unknown” behind the attack along with a…
Brian Krebs reports: The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly…
Dina Temple-Raston and James Reddick report: A Nigerian court has dropped all charges against Tigran Gambaryan, Binance’s head of financial crime compliance and a prominent former IRS investigator, two people with knowledge of the case told The Record on Wednesday. Gambaryan had been detained in Nigeria since February on money laundering and tax evasion charges….
Coinpaper reports: Radiant Capital paused its lending markets after a cybersecurity breach that resulted in losses of more than $50 million on both the BNB Chain and Arbitrum networks. According to Web3 cybersecurity firm De.Fi Antivirus, the exploit was linked to the “transferFrom” function in Radiant Capital’s smart contracts, which allowed the attacker to drain funds…