Data breaches

We need to rethink how we acquire and manage consumer data, and any business using enterprise software needs to be accountable for how information is being processed, transported or shared, writes Chris Wong, CEO of LifeSite.

Canadian Imperial Bank of Commerce and Bank of Montreal are alerting clients that "fraudsters" claimed to have accessed personal and financial information of some customers.

Phishing is the likely culprit behind the recent Saks and Lord & Taylor breaches. Stronger email protection required to combat the threat, according to Matthew Vernhout, 250ok's director of privacy.

Deadlines imposed by U.S. and EU regulators are giving banks intercontinental whiplash.

Mark Begor said Wednesday that banks and other customers will receive regular updates on the credit reporting agency’s efforts to improve its cybersecurity in the wake of last year’s massive data breach.

Regalii has changed its name to arcus and switched from cross-border bill payment to helping banks use tokenization to reissue lost, stolen or breached cards.

A multilayered approach that allows one type of fraud tool to pick up the slack when another layer fails, according to Robert Capps, a vice president at NuData Security.

The correct strategy needs to be built around the mindset that the attackers might eventually succeed, and that with the right tools, the breach can be detected early, the extent of it can be controlled, and the attack can be stopped before a lot of damage is inflicted, writes Engin Kirda, a professor of computer science at Northeastern University.

Acting CFPB Director Mick Mulvaney told a group of bankers last week that he intends to end public access to complaints, but Sen. Elizabeth Warren and two other Democrats argue that would be a mistake.

In addition to changing the name of the Consumer Financial Protection Bureau, the acting director wants to also nix public complaints; the good, bad and ugly in Zelle's ascendance; a case study for digital outage recovery; and more from this week's most-read stories.

The agency's acting chief said hundreds of data breaches justified a halt on collecting information from firms, but experts question that logic.

With new data breaches becoming public on an almost routine basis, it’s no surprise that our findings revealed that consumers are starting to favor safety over speed and ease of checkout, writes Joseph Daly, COO of Paysafe Payment Processing in North America.

SunTrust let about eight weeks pass before telling the public that data tied to 1.5 million customers had been stolen.

The news of the data breach cast a shadow over relatively strong first-quarter earnings for the Atlanta bank.

PCI compliance can't solve all security problems. EMV, encryption are all necessary to protect merchants from data breaches, writes Jeff Zimmerman, COO of Clearent.

The Senate is expected to pass a bill that would ax controversial guidance on loans at car dealerships; lower tax rate may have skewed year-on-year comparisons.

AI relies on catching the malware itself at a later stage, once it begins to operate in the system, and that's not enough to combat breaches and payment systems, according to Mordechai Guri, chief science officer at Morphisec.

Brand and access to capital can suffer if companies don't take proper care of data from payments and other online activities, according to David Thomas, CEO of Evident ID.

Options include multilayered security solutions that incorporate verification via passive biometrics, without adding friction, by evaluating a consumer’s inherent behavior online during the transaction process, writes NuData Security's Lisa Baergen.

Employees still fall for phishing attacks, but there is technology that can remove the offending code before employees even view emails, writes Aviv Grafi, CEO of Votiro.