Data security

The attack on AvidXchange, which the company said it learned about in early April, exposed its bank account numbers and some embarrassing security practices. It's part of a growing trend of data exfiltration attacks.

Security researchers discovered the compromise in Trading Technologies software while looking into the cause of a compromise in 3CX phone conferencing software.

In his new book, the technology and financial services veteran Thomas Vartanian explores how countries could band together to create a more secure digital world while explaining what's holding society back from achieving this.

Alphv developers claimed responsibility for an attack that started last week against the payments and digital banking software maker. The ransomware is more sophisticated than many of its peers.

The invoices show branding by NorthOne, a business banking fintech, but the company's CEO denies responsibility for the vulnerability.

A consortium of financial companies said premiums are rising despite a relatively low level of overall risk, causing some banks to reconsider their policies.

The February attack on the title loan company exposed Social Security numbers and possibly driver's licenses and passports. Eleven other financial companies have reported hacks this year.

M&T Bank joins a Massachusetts fintech-focused hub; Republic Bancorp in Louisville, Kentucky, once again expands in the Cincinnati market; ChatGPT suffers a security lapse and more in this week's banking news roundup.

Having a single set of generally accepted c​ybersecurity incident rules would reduce costs to banks, but software industry leaders say this would serve their interests, too.

On Thursday, a ransomware group published data apparently stolen from Tri Counties Bank, which suffered an outage to its ATM network last month.

The group behind the ongoing campaign allegedly has the support of a hosting provider that's complicit in helping spin-up new scam websites.

Any major news provides fraudsters the opportunity to take advantage of a frenetic situation. This time, their plea for customers' banking credentials seemed extra credible.

In February's roundup of American Banker's favorite stories: An international African American sorority enters the credit union market; a deep dive into the ideology behind banks giving out free pens; and a rising number of financial institutions are facing a tightening of liquidity and more.

The strategy document identifies potential avenues for cutting cybercriminals off from financing, as well as other actions banks can take.

Rules around what, when, and to whom a bank must report in the wake of a data breach remain a key point of regulatory friction. Some hope a new federal office could help.

Financial services firms are focusing on essential risk-related priorities, but must not lose sight of the importance of innovative technologies that drive business forward.

Visa's strategy of devaluing data applies not just to its payment workflows but across the business. Visa Chief Risk Officer Paul Fabara shares more about this approach and four other cyber risk principles he follows.

To combat cybercriminals, banks and credit unions turn to white-hat hackers to uncover system vulnerabilities. But what motivates these computer whizzes can be surprising.

The personal financial management app, which has been downloaded 5 million times, was letting some users view emails and other personal information of other customers.

Derivatives markets were hobbled for several days by hackers using malware from LockBit, who said ION paid the ransom.