Summary This joint advisory is the result of analytic efforts among the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury (Treasury), the Federal Bureau of Investigation (FBI) and U.S. Cyber Command (USCYBERCOM). Working with U.S. government partners, CISA, Treasury, FBI, and USCYBERCOM identified malware and indicators of compromise (IOCs) used by the…
Category: Financial Sector
Japan: Mitsukoshi and MI Card announce data breach affecting approximately 19,000 customers
OneTrust Data Guidance reports: Isetan Mitsukoshi Co., Ltd and MI Card Co., Ltd announced, on 5 August 2020, that they had suffered a data breach affecting approximately 19,000 customers as a result of unauthorised access. In particular, MI Card noted that the data breach occurred on the Isetan Mitsukoshi Online Store as well as MI Card’s homepage. In…
Ad Industry Opposes FTC’s Proposed Security Regulations For Financial Institutions
Wendy Davis reports: The Federal Trade Commission’s proposed changes to security regulations for financial institutions could also affect a broad swath of non-financial companies — including ad agencies, social networks, lead generators and ad-tech companies — according to the Association of National Advertisers. The organization is urging the FTC to refrain from imposing a slate…
Capital One fined $80 million for 2019 hack of 100 million credit card applications
Devlin Barrett reports: Capital One has agreed to pay an $80 million fine to U.S. regulators over a major hacking incident last year in which authorities say about 100 million credit card applications were illegally accessed. The Virginia-based bank with a popular credit card business said it has taken steps to tighten security around its…
SG: The Central Depository and two other organisations fined for data privacy breach
Yip Wai Yee reports: The Central Depository (CDP) and two other organisations have been fined a total of $47,000 for breaching data privacy laws. CDP received the biggest fine of $32,000 after it mailed dividend cheques to outdated addresses, putting more than 200 account holders at risk of having their personal data disclosed. According to…
Morgan Stanley Hit with Class Lawsuit Over Alleged Data Breaches
Jed Horowitz reports: Former and current Morgan Stanley customers have filed a putative class-action lawsuit alleging negligence and invasion of privacy over the firm’s failure to properly scrub decommissioned hardware of personal information such as social security numbers, account numbers and other personal data. Morgan Stanley earlier this month began notifying brokers and customers that some…