Hack aftermath The massive computer data hack at Capital One “has sent financial institutions scrambling to figure out how millions of records at one of the biggest proponents of cloud-computing were exposed,” the Wall Street Journal reports. The data was stored in Amazon.com’s cloud, “raising questions about whether Capital One put insufficient safeguards in place to lock down customer records when it adopted cloud technology. And the accused hacker’s tenure as a former employee of Amazon’s cloud business highlights the risk—previously little appreciated—of an insider threat.”
The data breach “prompted renewed concerns over cyber security in the cloud,” the Financial Times said. At the same time, New York State attorney general Letitia James announced an immediate investigation into the hack, adding that her office “would work to ensure that any affected New Yorkers are provided relief.”
Big banks like Capital One “are a target for digital troublemakers, like individual hackers trying to impress their peers or intelligence operatives for foreign governments. A single weak spot is all savvy hackers need. And they often find them. Already this year, there have been 3,494 successful cyberattacks against financial institutions, according to reports filed with the Treasury Department’s Financial Crimes Enforcement Network.”
The breach “threatens to upend [Capital One’s] long-held reputation for digital prowess” and put it “on the front line of concerns about what the tradeoff is for banks looking to emulate the practices of tech companies, which themselves have been criticized over their handling of consumer information. Many big banks are following Capital One’s lead to outsource more of their tech processes, but questions remain about whether new security gaps are being opened and how closely regulators should be able to watch.”
Capital One’s shares dropped nearly 6% on Tuesday, their worst day in more than six months. At their lowest point on the day, the shares were down nearly 8%, “which would have been their worst day since 2015.”
Judged too soon? Despite opposition from federal lawmakers, Facebook’s proposed Libra cryptocurrency “could be a valuable tool for law enforcement, partly because of the vast amounts of information that will be generated about its users. With Libra, both the transactions made and who made them will be recorded.” (American Banker's take here.)
Financial Times
Let the bidding begin Deutsche Bank “has set a September deadline for bids on the vast portfolio of equity derivatives it is selling, as the struggling lender looks to expedite a key part of its ambitious restructuring. The derivatives are among the assets earmarked for disposal in Deutsche’s bad bank, which it is relying on to free €10 billion to help foot the bill for the overhaul as well as fund investments in technology, compliance and control functions.”
Rejected A U.S. appeals court in Washington has upheld contempt orders against three Chinese banks that refused to comply with Justice Department subpoenas to turn over information relating to their dealings with North Korea. The lenders’ names are under seal but they are believed to be Bank of Communications, China Merchants Bank and Shanghai Pudong Development Bank. “The finding means Shanghai Pudong Development Bank, which had received an administrative subpoena under the U.S. Patriot Act, rather than a grand jury subpoena, could be at risk of losing access to the U.S. financial system.”
In the black Atom Bank, the U.K.’s first digital-only bank, said it has started to turn a profit after a “painful” year. The bank, which specializes in mortgage lending, has shifted “towards more profitable borrowers such as first-time buyers.” It also “plans to introduce several new products as it attempts to become a profitmaking business.”
Quotable
“Though Capital One’s breach was internal, the fact still remains that safeguards were missing that allowed for the illegal access of consumers’ names, social security numbers, dates of birth, addresses, and other highly sensitive, personal information. We cannot allow hacks of this nature to become everyday occurrences.” — New York State attorney general Letitia James, announcing that her office had opened an investigation into the Capital One hack.
The Wyoming-based digital asset bank filed paperwork to challenge last month's district court ruling, which affirmed the Federal Reserve's view about its discretion over master account applications.
The former head of the Consumer Financial Protection Bureau resigned Friday after the troubled rollout of the Free Application for Federal Student Aid led some House Republicans to call for his resignation.
The San Antonio-based bank said that loan growth, fueled in part by its expansion in key Texas markets, may compensate for pressure on deposits. It slashed the number of rate cuts it expects this year from five to two.
Mississippi's Renasant names its next CEO; environmental fintech Aspiration Partners spins out its consumer brand; the OCC adds five weeks to comment period for Capital One-Discover merger; and more in the weekly banking news roundup.
The Wisconsin banking company forecasted loan growth of 4% to 6% for the full year, driven by an expansion into new commercial and consumer credit lines as well as enduring economic strength in the Midwest.
In the inaugural iteration of American Banker's news quiz, test your knowledge on top articles covering the legal battles of the Consumer Financial Protection Bureau, new technology testing at JPMorgan Chase, earnings season and more.