Data breaches

That’s the question executives of publicly traded banks are asking themselves as they try to make sense of new — and somewhat vague — guidance from the SEC on procedures for disclosing data breaches.

Canadian Imperial Bank of Commerce and Bank of Montreal are alerting clients that "fraudsters" claimed to have accessed personal and financial information of some customers.

Deadlines imposed by U.S. and EU regulators are giving banks intercontinental whiplash.

Mark Begor said Wednesday that banks and other customers will receive regular updates on the credit reporting agency’s efforts to improve its cybersecurity in the wake of last year’s massive data breach.

Regalii has changed its name to arcus and switched from cross-border bill payment to helping banks use tokenization to reissue lost, stolen or breached cards.

Acting CFPB Director Mick Mulvaney told a group of bankers last week that he intends to end public access to complaints, but Sen. Elizabeth Warren and two other Democrats argue that would be a mistake.

In addition to changing the name of the Consumer Financial Protection Bureau, the acting director wants to also nix public complaints; the good, bad and ugly in Zelle's ascendance; a case study for digital outage recovery; and more from this week's most-read stories.

The agency's acting chief said hundreds of data breaches justified a halt on collecting information from firms, but experts question that logic.

SunTrust let about eight weeks pass before telling the public that data tied to 1.5 million customers had been stolen.

The news of the data breach cast a shadow over relatively strong first-quarter earnings for the Atlanta bank.