Data breaches

Flagstar’s data breach, and what banks can learn from it

03/15/21

The Michigan bank is the latest company to have customer data compromised through a software vulnerability. The incident reinforces the importance of attack simulations, constant searches for intrusions and exchanges of intel with peers.

[more]

Banks would have 36 hours to report cyberattacks under proposed rules

12/15/20

Federal banking agencies want to give the industry a hard deadline for notifying their regulators about serious security breaches and failed system upgrades.

[more]

Bank regulators mull stricter rules for reporting of data breaches

12/14/20

It has been 15 years since the federal banking agencies issued guidance on an institution’s obligation to inform its regulator about a cyberattack. A proposal to be unveiled this week could establish a more specific notification deadline.

[more]

OCC fines Morgan Stanley $60 million for 2016 data breach

10/08/20

The regulator found that the financial services company failed to take precautions in disposing of hardware that contained sensitive customer information.

[more]

Capital One to pay $80M in connection with massive data breach

08/06/20

Regulators found fault with the bank’s cloud migration efforts in the years that preceded a 2019 hacking incident.

[more]

Challenger bank Dave suffers data breach affecting all 7.5 million customers

07/27/20

Over the weekend, hackers broke in through a third-party vendor to steal names, email addresses and other personally identifiable information.

[more]

Put bank exam council in charge of data privacy

07/17/20

The Federal Financial Institutions Examination Council is best suited to craft uniform policies to protect consumer data. A patchwork of state rules is cumbersome.

[more]