In May, 2017, a young man from the U.K. became known as an “accidental hero” for saving the world from the further spread of WannaCry ransomware. But months later, this same hero, Marcus Hutchins, known online as @MalwareTech, was arrested in the U.S. as he tried to fly home after attending the Black Hat and…
Category: Financial Sector
SEC Issues Privacy and Data Security Risk Alert
Joseph Lazzarotti of JacksonLewis writes: Following recent examinations of SEC-registered investment advisers and broker-dealers, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) published a privacy risk alert on April 16, 2019. OCIE is hoping to remind advisers and broker-dealers about providing compliant privacy and opt-out notices, and adopting and implementing effective policies and…
Ottawa should impose cyber obligations on banks, says national security expert
Howard Solomon reports: Ottawa has to give Canadian banks more pointed direction to improve their ability to withstand cyber attacks, says the country’s former national security advisor. “Government legislatively has to impose obligations on financial institutions, much in the same way they have done with money laundering,” Richard Fadden told parliament’s Public Safety committee on…
Swiss Banker Guilty of Corporate Espionage for Leaking Data on Tax Dodge
Hugo Miller reports: A Zurich court convicted a former employee of Bank J. Safra Sarasin AG of one count of corporate espionage for leaking internal documents about a controversial tax deal. The man, who can only be identified as Volker S., was found guilty Thursday of giving a journalist the information, which was used by…
How Hackers Pulled Off a $20 Million Mexican Bank Heist
Lily Hay Newman reports: In January 2018 a group of hackers, now thought to be working for the North Korean state-sponsored group Lazarus, attempted to steal $110 million from the Mexican commercial bank Bancomext. That effort failed. But just a few months later, a smaller yet still elaborate series of attacks allowed hackers to siphon…
Turkish Data Protection Authority Announced Data Leakage Of A Dutch Bank Revealing The Importance Of Effective Information Security
Ertuğrul Can Canbolat LL.M., S. İrem Akin and Baran Can Yildirim, LL.M. write: Under Article 12/5 of the Turkish Data Protection Law, the data controllers are obliged to inform the Turkish Data Protection Authority (“DPA“) in case the personal data processed on their behalf is acquired by others unlawfully. In line with this provision, ING…