Data breaches

Customers with deferred compensation plans at the bank had personally identifiable information compromised through a third party, Infosys McCamish.

The cybersecurity leaders argued in a recent court briefing that the SEC's lawsuit against the SolarWinds CISO could harm the profession at large.

The Federal Reserve's vice chair for supervision also said he expects cyber threats against the financial services industry to become increasingly disruptive.

Many of the attack vectors, including ransomware and phishing, will likely continue to plague the industry through 2024.

A third-party provider for credit unions failed to fix a long-patched vulnerability, according to a cybersecurity researcher who has studied the situation.

While ransomware group Alphv/Blackcat claims to have orchestrated the incident, title insurance company Fidelity National Financial has not yet stated whether confidential data was compromised.

The cybercriminals said a new SEC rule required loan software company MeridianLink to report last week's breach, but the rule does not take effect until next month.

The bank suffered its third breach in three years, this time by virtue of a vulnerability in Progress Software's file-transfer system. But Flagstar is only one of many such victims.

Ongoing disruptions and a reported ransom payment highlight the complexity of cybercrime networks and the pitfalls of paying ransoms.

One security researcher said the total number of consumers who had data stolen in MoveIt breaches exceeds 20 million, and more are expected to be reported.