CUNA reports: NCUA issued a Letter to Credit Unions (23-CU-07) on the cyber incident notification requirements that go into effect Sept. 1. Credit unions will be required to notify the NCUA no later than 72 hours after the credit union reasonably believes it has experienced a reportable cyber incident or has received a notification from…
Category: Financial Sector
Proposed Second Amendment to NYDFS Cybersecurity Regulations: Comments Due August 14
Micaela McMurrough and Caleb Skeath of Covington & Burling write: Following up on the recent release by the New York Department of Financial Services (“NYDFS”) of an updated proposed second amendment to its “first-in-the-nation” Cybersecurity Regulation, 23 NYCRR Part 500 (proposed second amendment released June 28, 2023), it is not too late for companies to submit comments…
Attacked by Black Basta, BankCard USA paid ransom.
Marco A. De Felice of SuspectFile (aka @amvinfe) reports that BankCard USA (BUSA) recently paid the Black Basta ransomware group $50,000 ransom. But if BUSA hoped to keep the breach and payment out of the public eye, they should sit down before they read SuspectFile’s reporting, because it is going to make them sad. BankCard…
Police arrest suspect linked to notorius OPERA1ER cybercrime gang
Sergiu Gatlan reports: Law enforcement has detained a suspect believed to be a key member of the OPERA1ER cybercrime group, which has targeted mobile banking services and financial institutions in malware, phishing, and Business Email Compromise (BEC) campaigns. The gang, also known as NX$M$, DESKTOP Group, and Common Raven, is suspected of having stolen between…
16-year-old youth among 13 arrested for alleged involvement in banking-related malware scams in Singapore
The Straits Times/ANN reports: Thirteen people, including a 16-year-old youth, were arrested for their suspected involvement in the recent spate of banking-related malware scam cases. Preliminary investigations showed that 10 of the 13 suspects, aged between 16 and 27, had allegedly facilitated the scam cases by sharing their bank accounts, Internet banking credentials and/or disclosing…
Banks, Institutions Pay Over N200m Fines for Exposing Privacy Rights of Nigerians
Victor Enengedi reports: A total sum exceeding N200 million has been collected by the Federal Government from at least seven banks and various other institutions. The Federal Government collected these payments from these financial institutions as a consequence of their infringement upon the data privacy rights of Nigerian citizens. Read more at Legit. (If I’m…