Hunton Andrews Kurth writes: On February 16, 2021, the New York Department of Financial Services (“NYDFS”) issued a Cyber Fraud Alert (the “Alert”) to regulated entities in light of a growing campaign to steal Nonpublic Information (“NPI”), as defined under New York law, from public-facing websites that provide instant quotes for products like auto insurance (“Instant Quote…
Category: Financial Sector
Sequoia Capital Suffers Data Breach
Dark Reading reports: Sequoia Capital last week warned investors that some of their personal and sensitive information may have been exposed in a recent data breach of the firm. According to reports, Sequoia said the data may have been accessed by a third party in the breach, which occurred as a result of a successful phishing attack on an employee via email….
Three North Korean Military Hackers Involved in Sony Pictures Hack, Wanna Cry, and Numerous Other Attacks Indicted in Wide-Ranging Scheme to Commit Cyberattacks and Financial Crimes Across the Globe
A federal indictment unsealed today charges three North Korean computer programmers with participating in a wide-ranging criminal conspiracy to conduct a series of destructive cyberattacks, to steal and extort more than $1.3 billion of money and cryptocurrency from financial institutions and companies, to create and deploy multiple malicious cryptocurrency applications, and to develop and fraudulently…
North Korea Is Using Cyberattacks To Finance Updates To Nuclear Program, UN Experts Say
Edith M. Lederer of AP reports: North Korea has modernized its nuclear weapons and ballistic missiles by flaunting United Nations sanctions, using cyberattacks to help finance its programs and continuing to seek material and technology overseas for its arsenal, U.N. experts said. […] The panel said its investigations found that North Korean-linked cyber actors continued…
RBNZ says partner Accellion kept it in the dark about data breach
Chris Keall reports: The Reserve Bank was kept in the dark for a crucial five days about a December data breach, Governor Adrian Orr says – contradicting its technology partner’s version of events. The incident – which saw sensitive data stolen – involved a file-sharing service run by US company Accellion. Read more on NZ…
Deepfakes Expose Cracks in Virtual ID Verification
One of the things I have come to understand from reading research reports from GeminiAdvisory.io is that criminals are quite nimble and creative as conditions change, the market changes, or new security protocols are adopted. So now that financial institutions, cryptocurrency exchanges, and businesses deploy more sophisticated techniques to verify identity virtually, how are criminals…