Kristof Van Quathem of Covington and Burling writes: In December 2023, the Dutch SA fined a credit card company €150,000 for failure to perform a proper data protection impact assessment (“DPIA”) in accordance with Art. 35 GDPR for its “identification and verification process”. First, the Dutch SA decided that the company was required to perform a DPIA…
Category: Financial Sector
NYS announces $8 Million Penalty Against Genesis Global Trading, Inc. After DFS Investigation Finds Significant Failings in Anti-Money Laundering and Cybersecurity Programs
January 12, 2024 New York State Department of Financial Services (DFS) Superintendent Adrienne A. Harris today announced that Genesis Global Trading, Inc. (“Genesis Global Trading”) will pay an $8 million penalty to New York State for compliance failures that violated DFS’s virtual currency and cybersecurity regulations and left the company vulnerable to illicit activity and…
US retail mortgage lender LoanDepot struggles with cyberattack
Frank Bajak reports: The U.S. retail mortgage lender LoanDepot is struggling to recover from a cyberattack that impacted its loan processing and phone service. In a filing on Monday with the Securities and Exchange Commission, the company said data was encrypted by the “unauthorized third party” who broke into company systems. It said certain unspecified…
Mortgage firm LoanCare warns 1.3 million people of data breac
Bill Toulas reports: Mortgage servicing company LoanCare is warning 1,316,938 borrowers across the U.S. that their sensitive information was exposed in a data breach at its parent company, Fidelity National Financial. LoanCare is a sub-servicing and interim sub-servicing provider and a significant player in the mortgage servicing sector, handling approximately $390 billion in balances from…
Disgruntled Cloud Engineer Sentenced to Two Years in Prison for Intentionally Damaging His Former Employer’s Computer Network After He Was Fired
Miklos Daniel Brody Retaliated Against His Former Employer, a Bank, by Damaging the Bank’s Cloud System and Stealing Valuable Computer Code SAN FRANCISCO – Miklos Daniel Brody was sentenced to 24 months in prison today for a network intrusion and for making false statements to a government agency, announced United States Attorney Ismail J. Ramsey…
What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US.
Kevin Beaumont writes: How CitrixBleed vulnerablity in Netscale has become the cybersecurity challenge of 2023. Credit union technology firm Trellance owns Ongoing Operations LLC, and provides a platform called Fedcomp — used by double digit number of other credit unions across the United States. This Fedcomp platform was not patched for CitrixBleed, as no Netscaler…