Data breaches

The debate over whether signatures or PINs are a stronger security feature overlooks the fact that neither is the most important defense against fraud.

The Cybersecurity Information Sharing Act, which has advanced far on Capitol Hill, promises to help businesses and government thwart cybercriminal attacks. But privacy advocates say the bill would make misuse of consumer data even easier.

Federal prosecutors on Tuesday charged three men in connection with the mass hack attack on JPMorgan Chase that took place in June 2014.

Buying stolen data is an effective way for banks to determine the source of a breach. But fraudsters are increasingly putting up roadblocks because such deals might make it tougher for them to break in next time.

Led by a team of financial services and regulatory veterans and young techies, Privacy.com represents the first mainstream attempt to build a business explicitly around transactional privacy in the era of Edward Snowden and Ashley Madison.

Hackers did not steal banking or payments data from Experian, but they might as well have. Breaches like the one sustained at the company call into question the entire system of identification that banks rely on to open accounts and conduct other everyday business.

Compared with other recent breaches, the theft of 6,400 user email addresses and passwords on the American Bankers Association's website might seem like small potatoes. But experts said the attack — the first in the association's history — was still significant and could have implications for banks.

A server containing sensitive consumer information at Experian has been breached, with the records of as many as 15 million T-Mobile customers stolen, the companies said Thursday.

In updating cards with EMV technology, Visa and MasterCard have neglected an important element of what makes the security standard so successful elsewhere. The need for PIN verification is clear.

Some critics argue that it's a bad idea to introduce chip cards without PIN requirements. But this debate is a distraction from the payments industry's robust and multifaceted efforts to fight cybercrime.