Top Class Actions reports: SN Servicing Corp. agreed to pay $900,000 to resolve claims that its lack of cybersecurity measures resulted in a October 2020 data breach. The settlement benefits individuals whose personal information was accessed by unknown third parties during SN Servicing’s October 2020 data breach. In July 2021, SN Servicing announced it had been the…
Category: Financial Sector
KeyBank: Hackers of third-party provider stole customer data
Frank Bajak reports: Hackers stole personal data including Social Security numbers, addresses and account numbers of home mortgage holders at KeyBank, the bank reports, in the breach of a third-party vendor that serves multiple corporate clients. The hackers obtained the information on July 5 after breaking into computers at the insurance services provider Overby-Seawell Company,…
Pk: Tension within SECP escalates as it tries to downplay data breach
Umar Cheema reports: Sensitive data of the Securities and Exchange Commission of Pakistan (SECP) has allegedly been stolen which has resulted in a tug of war between the chairman and the relevant commissioner. The latter claims she was kept in dark about the breach. The commissioner has now written to the finance minister for independent…
South Korea to ban 16 unregistered overseas crypto exchanges
FE Digital Currency reports: South Korea’s Financial Services Commission (FSC) has reported 16 foreign crypto exchanges to investigative agencies for violating the Specific Financial Information Act, Cryptoslate reported quoting news1. As per the report, the 16 companies have reportedly been offering crypto services to Koreans and conducting events geared toward Koreans despite the law prohibiting…
US regulator urges MFA and puts banks on notice – not reasonably protecting data is illegal
Jim Nash reports: A U.S. consumer finance regulator has published a circular warning that insufficient security for consumer biometric and other personal data is illegal under federal law. Multi-factor authentication is singled out as a method of making data security sufficient. Anyone reading that who still thinks it will never happen to them is invited…
NYDFS Proposed Amendments to Its Cybersecurity Rules
Patrick H. Haggerty and Elise Elam of BakerHostetler write: On July 29, the New York Department of Financial Services (NYDFS) released Draft Amendments to its Part 500 Cybersecurity Rules that include a number of significant amendments to the rules, including notification requirements such as a mandatory 24-hour notification for cyber ransom payments, specific requirements for…