Data and information management

Attackers used stolen vendor credentials to move $130M, underscoring vulnerabilities in real-time payment systems.

The payment company claims the bank is trying to "take advantage" of uncertainty around open banking regulations.

The American Fintech Council wants Congress to amend the Gramm-Leach-Bliley Act to preempt state privacy laws with both entity-level and data-level exemptions, as well as eliminating restrictions on the secondary use of data.

The incident appears connected to recent social engineering campaigns, including attacks tied to Salesforce.

Worries that information can be kept safe is the top issue that's holding back artificial intelligence-driven tech upgrades at regional banks and credit unions.

Scattered Spider, a cybercrime gang whose targets include banks, has seen five of its members arrested for SIM-swapping and phishing schemes that stole millions.

Small practices are still mired in paper. Fiserv has joined banks such as JPMorganChase and Citizens in applying new third party transaction technology to the tricky sector.

The Consumer Financial Protection Bureau initiated a new rulemaking process for its open banking rule with a focus on who can serve as a representative for the consumer and whether banks can charge fees to third parties for consumer data.

The lawsuit argues that a state law from 1967 concerning wiretapping also applies to internet tracking. Similar arguments in related cases have had mixed success.

Consumer advocates are urging lawmakers to hold hearings on the Consumer Financial Protection Bureau's new open banking rule and whether Congress authorized banks to charge fees for data access.

Brex's second license in the European Union is a key step in cementing turning payment relationships in the EU into broader financial relationships, including card issuing and cross-selling.

The timing of the breach at Connex aligns with data breaches by threat actor ShinyHunters, which uses phone calls to socially engineer victim organizations.

The CFPB must unequivocally state that consumers own their financial data and prohibit financial institutions from monetizing access to it. No one, not even the biggest bank in the country, should dictate with whom consumers can share their data.

Theft of paper checks and their use in identity theft constitute a major blind spot in the private sector's fraud detection networks. Banks and regulators need to come together to find solutions.

The security problem affects organizations with a hybrid Exchange environment, running applications in both on-premises servers and Microsoft's cloud.

With federal oversight easing, Rhode Island joins states pushing cybersecurity laws for finance companies not covered by federal bank regulators.

A threat group used physical implants and evasive malware to infiltrate ATM networks and attempt fraudulent withdrawals. Here are their tactics and techniques.

Companies that lack artificial intelligence governance may spend hundreds of thousands of dollars more in responding to cyberattacks, IBM found.

U.S. banks should look to Sweden, where the identity verification measures put in place by banks also give users access to both government and private-sector platforms.

A report Wednesday detailed Scattered Spider's advanced social engineering tactics and the escalating threat the group poses to financial institutions.