Cyber attacks

Experts say banks should start stepping up their encryption now, because hackers can steal it now and decrypt it with quantum computing later.

The Consumer Financial Protection Bureau alerted staff this week that text messages had been sent to employee personal phone numbers claiming to be from Director Rohit Chopra.

The attack on AvidXchange, which the company said it learned about in early April, exposed its bank account numbers and some embarrassing security practices. It's part of a growing trend of data exfiltration attacks.

Security researchers discovered the compromise in Trading Technologies software while looking into the cause of a compromise in 3CX phone conferencing software.

Alphv developers claimed responsibility for an attack that started last week against the payments and digital banking software maker. The ransomware is more sophisticated than many of its peers.

On Thursday, a ransomware group published data apparently stolen from Tri Counties Bank, which suffered an outage to its ATM network last month.

Derivatives markets were hobbled for several days by hackers using malware from LockBit, who said ION paid the ransom.

The top U.S. derivatives watchdog wants new cybersecurity rules as a recent attack on the software company ION Trading U.K. continues to roil the industry.

While most distributed denial-of-service attacks against U.S. banks and credit unions result in little to no disruption, they can chip away at reputations if left unchecked.

Banks worried about similar attacks against their own customers can use multifactor authentication and suspicious login detection to reduce risk.

The plaintiffs allege that the banks did not catch obvious red flags or implement proper safeguards such as requiring two employees to approve each transaction.

Hacks of banks, credit unions and insurance companies compromised the data of millions of consumers, who filed a flurry of class actions in response.

Banking companies are increasingly using application programming interfaces that transfer customer information to third-party money-management apps popular with consumers. But fraudsters are exploiting vulnerabilities in the technology to steal information.

The increases may simply reflect better detection and reporting, but banks continue to facilitate large ransom payments to sanctioned individuals.

A board member of the National Credit Union Administration urges vigilance against threats that many institutions ignore at their peril.

The breach was quickly followed by fake text and app messages to customers that appeared to come from the challenger bank.

The state's disclosure laws generated data that indicated millions of consumers had their personal details potentially compromised.

With global tensions rising over Ukraine, the cutthroat competitiveness of the U.S. financial sector is yielding to partnership over the conviction that a cyberattack against even a group of minor banks — or a third-party service provider — could imperil everyone in a highly connected system.

Financial losses stemming from sanctions and the threat of cyberattacks are just some of the major concerns from across the industry.