While migration to cards with chip technology should help mitigate card fraud, additional steps by retailers and more layers of security are needed.

Bankers are increasingly concerned that an optional cybersecurity assessment tool released by regulators this summer could soon become mandatory.

Some 75% of chief information officers plan to increase spending on security technology next year, with many anticipating jumps in security budgets of 20% or more.

Hackers did not steal banking or payments data from Experian, but they might as well have. Breaches like the one sustained at the company call into question the entire system of identification that banks rely on to open accounts and conduct other everyday business.

Compared with other recent breaches, the theft of 6,400 user email addresses and passwords on the American Bankers Association's website might seem like small potatoes. But experts said the attack — the first in the association's history — was still significant and could have implications for banks.

A server containing sensitive consumer information at Experian has been breached, with the records of as many as 15 million T-Mobile customers stolen, the companies said Thursday.

In updating cards with EMV technology, Visa and MasterCard have neglected an important element of what makes the security standard so successful elsewhere. The need for PIN verification is clear.

Many card issuers are well on their way to the migration to chip cards or have a plan to do so. But many merchants are still completely unaware of the shift in fraud liability taking effect Thursday.

Some critics argue that it's a bad idea to introduce chip cards without PIN requirements. But this debate is a distraction from the payments industry's robust and multifaceted efforts to fight cybercrime.

The deadline for EMV migration in this country is this Thursday. Here's what will and won't happen on that day, and what challenges lie ahead for banks and their customers.

The collaboration between financial institutions and technology firms runs deep, but banks' recent criticism of lax regulatory oversight for nonbanks reveals fissures.

DD4BC, a group that threatens to knock out corporate websites unless it is paid off in bitcoins, has expanded its denial-of-service attacks on banks.

Atlanta-based bitcoin payment processor BitPay has suffered a phishing attack costing the company $1.8 million.

Fintech firm Tanium says it has found a unique method for securing the tens of thousands of vulnerable points in the computer networks of banks and other companies.

Banks are starting to lay traps for cybercriminals that have broken through their defenses.

A recap of the informed opinions (and the discussions they generated) on BankThink this week, including banks' subpar shareholder value and how big-data advocates can better communicate with critics who worry about the technology's potential discriminatory effects.

Iron Mountain, the leading provider of document storage, is buying its main rival. If the merged company tried to raise prices, it might be the final straw that motivates banks to shift data storage to the cloud.

Software problems have recently plagued Bank of New York Mellon, HSBC and the New York Stock Exchange. Thorough testing and new quality standards can help financial institutions weed out weaknesses in their code that could (literally) break the bank.

A data breach-related court case involving Wyndham hotels and new Defense Department rules governing contractors provide banks some dos and don'ts in bringing vendors' security practices into line.

K2 Intelligence, an adviser on compliance and cybersecurity, has hired a former FBI cryptocurrency expert and a former regulator who worked on New York's digital currency regulations.