Data security

M&T Bank joins a Massachusetts fintech-focused hub; Republic Bancorp in Louisville, Kentucky, once again expands in the Cincinnati market; ChatGPT suffers a security lapse and more in this week's banking news roundup.

Having a single set of generally accepted c​ybersecurity incident rules would reduce costs to banks, but software industry leaders say this would serve their interests, too.

On Thursday, a ransomware group published data apparently stolen from Tri Counties Bank, which suffered an outage to its ATM network last month.

The group behind the ongoing campaign allegedly has the support of a hosting provider that's complicit in helping spin-up new scam websites.

Any major news provides fraudsters the opportunity to take advantage of a frenetic situation. This time, their plea for customers' banking credentials seemed extra credible.

In February's roundup of American Banker's favorite stories: An international African American sorority enters the credit union market; a deep dive into the ideology behind banks giving out free pens; and a rising number of financial institutions are facing a tightening of liquidity and more.

The strategy document identifies potential avenues for cutting cybercriminals off from financing, as well as other actions banks can take.

Rules around what, when, and to whom a bank must report in the wake of a data breach remain a key point of regulatory friction. Some hope a new federal office could help.

Financial services firms are focusing on essential risk-related priorities, but must not lose sight of the importance of innovative technologies that drive business forward.

Visa's strategy of devaluing data applies not just to its payment workflows but across the business. Visa Chief Risk Officer Paul Fabara shares more about this approach and four other cyber risk principles he follows.