Data breaches

Officials from the Federal Reserve Bank of New York, Bangladesh Bank and payments network Swift vowed Tuesday to catch the thieves who took $81 million out of the Bangladesh central bank's account at the New York Fed.

WASHINGTON — Federal Deposit Insurance Corp. Chairman Martin Gruenberg has been called to testify on recent cybersecurity breaches in front of a House committee this month.

Cyberthieves using malicious software discovered by IBM Security have stolen $4 million from business customers of two dozen financial services providers this month, IBM said.

Data breaches have become scarily commonplace. But even small financial institutions can take action to thwart hackers and minimize losses.

A former Federal Deposit Insurance Corp. employee took off with data on some 44,000 customers of closed banks when she left the agency in late February, according to an agency memo uncovered by The Washington Post.

Hackers penetrated the computer network of a Verizon Communications subsidiary, but the company says it plugged the hole before much data was compromised.

Bangladesh's central bank has suggested the Federal Reserve Bank of New York had a "major lapse" in allowing hackers to transfer $101 million in transactions that it later flagged as suspicious, according to an internal document seen by Bloomberg.

Technology at many banks has been assembled haphazardly over years. That makes for complex systems with lots of connections. Those points are prime targets for cybercriminals to find a way in.

American Express has filed a notice with the attorney general in California informing some of its cardholders that their account information may have been compromised.

As the Central Bank of Bangladesh threatens to sue the Federal Reserve Bank of New York over at least $80 million stolen from its account there, the Fed says its systems were not compromised.

The tax agency's struggle to protect sensitive data mirrors banks' own, and its shortcomings can also be found at financial institutions.

Cybercriminals and hackers are increasingly targeting people, and not just technology, in an attempt to breach financial institutions.

WASHINGTON — President Obama on Wednesday named Thomas Donilon, the former national security adviser, to chair a special commission to develop a long-term cybersecurity strategy.

Bank of America announced Thursday that it customers can now suspend their debit cards temporarily; it is the first of several new features the bank has planned for 2016 after it tripled its digital banking budget.

Bank regulators will stiffen their requirements and identity theft will escalate, but banks will toughen up their defenses.

Relations between banks and providers of personal financial management tools have soured of late amid reports that some banks block PFM sites' access to their customers' information during peak traffic periods. Aggregators say they are working to address banks' concerns, but they also are urging banks to invest in more server capacity to keep pace with customer demand.

Despite increased investment and development in the consumer payments space around mag stripe, EMV and contactless payments solutions, there is still a huge concern when it comes to data theft.

House Republicans attacked the Consumer Financial Protection Bureau on Wednesday, arguing the agency is not able to safely secure the anonymous bulk data it collects on consumers' financial activities.

The House Financial Services Committee approved a data security bill Tuesday that would require all financial companies to have similar security protections and notification requirements as banks.

The debate over whether signatures or PINs are a stronger security feature overlooks the fact that neither is the most important defense against fraud.