Brian Krebs reports: TCM Bank, a company that helps more than 750 small and community U.S. banks issue credit cards to their account holders, said a Web site misconfiguration exposed the names, addresses, dates of birth and Social Security numbers of thousands of people who applied for cards between early March 2017 and mid-July 2018….
Category: Financial Sector
Data leaks at 2 Thai banks spark call for legal safeguards
Cyber-security experts have urged the government to quickly strengthen legal safeguards by adding measures to prevent data leaks after the computer systems of two major Thai banks were hacked recently. According to the Bank of Thailand (BOT) on Wednesday, the computer systems of Kasikornbank (Kbank) and Krungthai Bank (KTB) were compromised in the attacks, affecting…
Three members of notorious “FIN7” criminal ring in custody for attacking more than 100 companies
The Department of Justice announced a stunning arrest today of key players in one of the most damaging threat actors in the last decade. Kudos to all involved in their arrests. You can read the DOJ’s full press release below, but let’s start with a quote from a FIN7 hunter: “FIN7 is the most prolific and…
Chile Cybersecurity Watch: Card data leaks, Santander investment, govt agency
Allan Brown reports: Chile’s banking watchdog Sbif reported there were two leaks of card details on Saturday. The leaks came just days after hackers published details of around 14,000 credit cards from local and international issuers. The first incident on Saturday involved details of 4,149 credit cards, which turned out to be the same as…
Hackers Breach Russian Bank and Steal $1 Million Due to Outdated Router
Solarquest reports: A notorious hacker group known as MoneyTaker has stolen roughly $1 million from a Russian bank after breaching its network via an outdated router. The victim of the hack is PIR Bank, which lost at least $920,000 in money it had stored in a corresponding account at the Bank of Russia. Group-IB, a…
From data security darling to cyber fall guy, Monzo experiences a breach of its own
Finextra reports: After basking in the glow of exposing the Ticketmaster data breach last week, digital challenger bank Monzo has itself become the victim of a data leakage that saw the personal details of some 20,000 customers lifted from third party survey firm Typeform. […] Monzo says the attackers found a weakness in Typeform’s security,…