Data breaches

Manual means of dispute management are inefficient and growing untenable in the current security and compliance environment, writes Brad Johnson, director of solutions consulting at Centrix Solutions.

Breach investigations can be very lengthy and it is not uncommon to disclose additional findings over time, writes Mounir Hahad, head of threat research at Juniper Networks.

The Consumer Financial Protection Bureau is among several agencies that "continue to investigate events related to" last year's Equifax brief, the credit reporting firm said in a securities filing.

The bank overcharged some customers and some received inappropriate investment advice; 2.4 million more people were affected by the breach.

Equifax, the credit bureau breached by hackers last year, said the card-payments industry may cut off its access to certain data or impose fines if the company can't prove it's addressed weaknesses.

A bipartisan bill to establish a federal security framework follows a string of efforts beset by congressional turf battles.

The finance sector had the highest number of breaches of all industries, with 471 in 2016, according to a report issued Friday by the White House's Council of Economic Advisers.

It is unclear whether the Consumer Financial Protection Bureau is abandoning its supervisory oversight of Equifax or just taking a back seat to the Federal Trade Commission as the latter investigates the credit bureau.

Acting Consumer Financial Protection Bureau Director Mick Mulvaney has cited hundreds of confirmed and suspected data breaches as justification for his halting the bureau's data collection activities last month.

This dangerous "wild west" scenario of fraud and breaches is pushing improving or revamping online authentication to the top of this year’s to-do list for both online companies and governments, writes Robert Capps, vice president of business development for NuData Security.

Credit unions, trade associations and others wishing to join the Credit Union National Association's class action suit against Equifax have until the end of January to do so.

With less than three months before the PCI DSS Requirement 8.3 takes effect, all involved in the handling of cardholder data must take definitive steps to review, implement and upgrade their multifactor authentication strategies and implementation to assure compliance, writes Dirk Denayer, business solutions manager at VASCO Data Security.

Readers react to the Federal Housing Finance Agency considering changing its credit scoring policy, slam the possibility of enforcing mandatory penalties for data breaches at credit reporting agencies, weigh the possible nomination of a credit union regulator to the CFPB, and more.

The two senators are set to introduce a bill that would force such firms to pay $100 per customer whose personal information was compromised.

Account takeover's harder to quantify than payment fraud because it has so many elements and downstream impacts, writes Kevin Lee, trust and safety architect at Sift Science.

Twenty-two trade groups, including seven financial trade groups, sent a letter to House lawmakers calling for new data security standards that would preempt state law.

The credit bureau enraged many with its response to a massive data breach this fall, but closing the company down would ultimately harm consumers.

Interactive Brokers says it will allow customers to bet against the cybercurrency; aides to Alabama senator drafted for key regulatory positions to ease banking rules.

In a rare show of public support for a security technology, the banks are leading a $40 million funding round for Menlo Security, provider of browser technology that keeps malware at bay — and they’re using it, too.

Recent data breach events in September 2017 in the U.S., involving the stock value drop of Sonic as well as Equifax, are evidence of the negative impact of data breaches on the economic value of businesses. Clearly, they have become incidents of board-level importance, writes Justhy Deva Prasad, chief data partner at Claritysquare.