Karen Hoffman reminds readers of the costs of poor security, reporting, in part:
Last month, the U.S. Securities and Exchange Commission (SEC) fined Chase $125 million due to employees’ insecure practices, namely using WhatsApp and personal email accounts to transact official business, thus not adhering to SEC record-keeping requirements. Additionally, under a separate enforcement action, the Commodity Futures Trading Commission also fined the bank $75 million for the same behavior going back six years.
In August 2020, Capital One Financial Corp was levied an $80 million penalty by the Office of the Comptroller of the Currency for failing to spot and manage cyber risk, resulting in a huge data breach the previous year. More recently, in late December 2021, Capital One announced it would pay $190 million to settle a class-action lawsuit in response to a massive hack on the bank’s cloud network on Amazon Web Services that led to the theft of personal data from 100 million customers in 2019.
Read more at SC Media.