Data breaches

The heads of some of the largest U.S. banks are calling for a new security-focused mindset among executives, better forms of ID and collective action in the aftermath of the Equifax breach.

Four executives who sold stock after the company discovered a security breach had no knowledge of the incident when they made the trades, the company said. However, the status of federal investigations is unclear.

The Minnesota league follows on the heels of Pennsylvania, Nebraska and the Mountain West CU Association, all of whom joined the suit this week.

As retailers look to bring payments in-house, there are various approaches to consider, writes André Stoorvogel, director of product marketing for payments at Rambus.

Eight leagues/associations now are part of class action response to massive hack, with two leagues – representing CUs in Nebraska, Arizona, Colorado and Wyoming – joining on Halloween.

Calls for less reliance on credit bureaus and Social Security numbers for verification are leading many to envision a future of identity on a distributed ledger.

Equifax continues work to add new security features and restore full access to The Work Number following a report highlighting potential security vulnerabilities in a browser-based portal of its employment verification service.

The answer is to change the authentication framework altogether with new technologies that employ passive biometrics and behavioral analytics, writes Ryan Wilk, vice president of customer success at NuData Security.

The problem could be even worse this year, thanks to a new round of consumer data breaches, including the huge Equifax breach that exposed protected data on more than 145 million Americans, writes Rafael, executive vice president at ClearSale.

You can’t just turn the computers off and shut your door, nor can you rely on outdated, traditional training methods to prepare your team for a landscape of threats and continuously evolve, writes Laura Lee, executive vice president of cyber training and assessments at the Circadence Corporation.

Hackers accessed driver’s license data on nearly 11 million people, the company says; the rally in bank shares may sputter out if third-quarter earnings reports disappoint.

Day two of Equifax hearing focuses as much on business model as on the data breach; Fed chair again says she supports bank rules that are not "unduly burdensome."

Credit bureaus can address identity theft by advancing the robustness of their security processes and abandoning outdated systems that rely on our personal information, writes Jason Brvenik, chief technology officer for NSS Labs.

Losses in sales and penalties from chargebacks may hurt business' sustainability, writes Monica Eaton-Cardone, chief operating officer at Cargebacks911 and Global Risk Technologies.

Equifax mismanaged its recovery by asking for personal information to determine if a user was affected and then issuing a predictable PIN code to those who requested a credit lock, moves that diluted confidence in the company, writes Timothy Crosby, senior security consultant for Spohn Security Solutions.

The week of Oct. 2 is shaping up to be a significant one for the financial services industry on Capitol Hill, as lawmakers grill the top executives of Equifax and Wells Fargo, as well as the top regulator of Fannie Mae and Freddie Mac.

Readers comment on the ripple effects of the Equifax breach, who benefits from the CFPB's final arbitration rule, gender-related issues in financial services, and more.

Diminished returns from basic card breaches will turn crooks' attention to much larger and more dangerous attacks on entire payment systems, writes John Christly, global chief information security officer for Netsurion.

Equifax's data breach may be the most serious, given that it covered 143 million consumers and involved reams of confidential information, but it wasn't the largest. Following are the biggest to date.

Not only will banks be on the hook for counterfeit loans to identity thieves, but they will likely lose loan volume, and ultimately revenue, from changes in consumer behavior.