Gareth Corfield reports: A Cayman Islands-based investment fund has exposed its entire backups to the internet after failing to properly configure a secure Microsoft Azure blob. Details of the fund’s register of members and correspondence with its investors could be freely read by anyone with the URL to its Azure blob, the Microsoft equivalent of…
Category: Financial Sector
ZA: Absa accuses employee of leaking customer data
Admire Moyo reports that Absa, one of the country’s largest banks, has disclosed a data breach that resulted in customer data being shared with external parties> In a statement to ITWeb, the bank says: “Absa advises that an employee has unlawfully made selected customer data available to a small number of external parties. The leaked…
CFPB to Play Peacemaker in Battle for Consumers’ Financial Data
Lydia Beyoud reports: The CFPB is ready to shape the next phase of open banking in the U.S. as it develops standards for how vast amounts of consumer financial data is shared among banks, fintech apps, and data transfer companies. Financial data sharing has been largely left in private-sector hands, but the Consumer Financial Protection…
State Financial Regulators Issue Ransomware Mitigation Tool
Kimberly Peretti, Amy Mushahwar, and Alysa Austin of Alston & Bird write: On October 13, 2020, state financial regulators in partnership with the Bankers Electronic Crimes Taskforce and the U.S. Secret Service, released the Ransomware Self-Assessment Tool (R-SAT) to help financial institutions mitigate the risks of ransomware. The R-SAT is a detailed questionnaire designed to evaluate the…
OH: 11 charged in conspiracy to steal account information, money from bank customers
October 9 — A federal grand jury has charged 11 Cincinnatians in a conspiracy to steal bank customers’ information in Greater Cincinnati and Northern Kentucky in an indictment unsealed here today. According to the indictment, five of the defendants were employed as customer service representatives at Fifth Third Bank in Cincinnati, and in conspiracy with…
Office of the Comptroller of the Currency fines Morgan Stanley $60 million for 2016 data breach
Brendan Pedersen reports: Morgan Stanley was slapped with a $60 million fine by regulators Thursday for risk management problems tied to a 2016 data breach. The consent order by the Comptroller of the Currency cited failures at both Morgan Stanley Bank, N.A., and Morgan Stanley Private Bank, N.A. related to the shutdown of two wealth…