The Personal Information Protection Commission (PIPC) held its seventh plenary meeting of 2025 and reached a decision to sanction Woori Card Co., Ltd. (Woori Card) for data breaches on March 26, 2025. Administrative sanctions by the PIPC are as follows: A penalty for violations (Gwajingguem) of KRW 13.45 billion; A publication order of sanction results…
Category: Financial Sector
Ninth Circuit Reverses Probation Sentence for Paige Thompson
Conor Brian Fitzpatrick (aka “Pompompurin” of Breached.vc) isn’t the only person to have their sentence vacated and remanded for re-sentencing this year. Paige Thompson, who was responsible for the massive Capital One hack in 2019, will also be re-sentenced. Eugene Volokh writes: A short excerpt from the 9,000-word U.S. v. Thompson, decided yesterday by Ninth Circuit Judge…
Australia Sues FIIG Investment Firm in Cyber ‘Wake-Up Call’
Jayant Chakravarti reports: The Australian financial regulator has filed a lawsuit against FIIG Securities, accusing the leading investment and financing company of lacking adequate cybersecurity controls to stop a threat actor from stealing confidential personal information of 18,000 customers. The Australian Securities and Investments Commission said it decided to sue Brisbane-headquartered FIIG Securities in Federal Court after…
Uganda court charges senior finance officials with corruption over central bank hacking
Susmita Chaulagain reports: A Ugandan court on Wednesday charged nine senior officials from the Ministry of Finance, Planning, and Economic Development over their alleged involvement in corruption, electronic fraud, and money laundering in connection with a hacking incident that led to a financial loss of at least $21 million from the country’s central bank. The hacking occurred last year…
KuCoin Agrees to $297 Million Settlement Over Regulatory Breach
Jimi Aki reports: KuCoin, a major cryptocurrency exchange, has been hit with a $297 million settlement after admitting to a regulatory breach in the United States. The settlement includes a criminal fine of $112.9 million and a forfeiture of $184.5 million, and KuCoin will be required to exit the U.S. market for at least two…
PayPal to pay NYS $2M for violating DFS’s Cybersecurity Regulation
January 23, 2025 New York State Department of Financial Services Superintendent Adrienne A. Harris today announced that PayPal, Inc. (PayPal) will pay a $2 million penalty to New York State for violations of DFS’s Cybersecurity Regulation. An investigation determined PayPal failed to use qualified personnel to manage key cybersecurity functions and failed to provide adequate training…