Data security

Harris, who leads the New York State Department of Financial Services, will join the Financial Stability Oversight Council next year. She will replace Charles Cooper of Texas as the representative of state bank supervisors.

Banking companies are increasingly using application programming interfaces that transfer customer information to third-party money-management apps popular with consumers. But fraudsters are exploiting vulnerabilities in the technology to steal information.

Security researchers recently infiltrated a cybergang that stole account credentials with convincing, spoof websites. Could an ABA-endorsed solution help?

The security company OneSpan has launched a new line of such products for financial institutions. Some are skeptical that stand-alone authentication devices are necessary.

The increases may simply reflect better detection and reporting, but banks continue to facilitate large ransom payments to sanctioned individuals.

A Bloomberg News analysis found more than 45 groups and pages — with more than 1 million combined members — where the spoils of cyber crimes and the tools needed to carry them out were offered for sale.

The data aggregator announced a product this week that allows banks to build data privacy portals, where consumers can see who has access to their account data.

Decentralized finance, the once red-hot slice of the crypto universe that was at the center of this year's collapse of the digital-asset world, is facing a rapidly increasing new challenge: financial hacking.

A board member of the National Credit Union Administration urges vigilance against threats that many institutions ignore at their peril.

Howard Whyte, who joined the bank in January, discusses the cybersecurity threats that preoccupy him.

An attacker spirited away about $100 million from the decentralized finance provider Mango by manipulating the price of its token in an exploit that wiped out depositors on the crypto platform.

A criminal group called Prilex has stolen millions in a scheme involving fake repair people installing malware on point of sale terminals.

FS-ISAC will test banks' cybersecurity defenses in "hyper-realistic" simulations of malware, phishing and ransomware attacks.

The Tennessee company said the cyberattack took place in late January and early February.

The breach was quickly followed by fake text and app messages to customers that appeared to come from the challenger bank.

Morgan Stanley will pay $35 million to settle Securities and Exchange Commission allegations that one of its units failed to secure the personal data of millions of customers when replacing company hard drives and servers.

The Office of the Comptroller of the Currency has stopped requiring the bank to provide quarterly progress reports about its efforts to mitigate cloud computing risks.

The agency in charge of regulating cybersecurity incident reports asked firms Monday to give their input on how the developing set of rules should work.

Shortcomings in security testing and monitoring of clients could also trip up payment industry players who need to meet new requirements by 2025.