Data breaches

Compared with other recent breaches, the theft of 6,400 user email addresses and passwords on the American Bankers Association's website might seem like small potatoes. But experts said the attack — the first in the association's history — was still significant and could have implications for banks.

A server containing sensitive consumer information at Experian has been breached, with the records of as many as 15 million T-Mobile customers stolen, the companies said Thursday.

In updating cards with EMV technology, Visa and MasterCard have neglected an important element of what makes the security standard so successful elsewhere. The need for PIN verification is clear.

Some critics argue that it's a bad idea to introduce chip cards without PIN requirements. But this debate is a distraction from the payments industry's robust and multifaceted efforts to fight cybercrime.

The collaboration between financial institutions and technology firms runs deep, but banks' recent criticism of lax regulatory oversight for nonbanks reveals fissures.

Atlanta-based bitcoin payment processor BitPay has suffered a phishing attack costing the company $1.8 million.

Fintech firm Tanium says it has found a unique method for securing the tens of thousands of vulnerable points in the computer networks of banks and other companies.

Banks are starting to lay traps for cybercriminals that have broken through their defenses.

Iron Mountain, the leading provider of document storage, is buying its main rival. If the merged company tried to raise prices, it might be the final straw that motivates banks to shift data storage to the cloud.

Software problems have recently plagued Bank of New York Mellon, HSBC and the New York Stock Exchange. Thorough testing and new quality standards can help financial institutions weed out weaknesses in their code that could (literally) break the bank.

A data breach-related court case involving Wyndham hotels and new Defense Department rules governing contractors provide banks some dos and don'ts in bringing vendors' security practices into line.

K2 Intelligence, an adviser on compliance and cybersecurity, has hired a former FBI cryptocurrency expert and a former regulator who worked on New York's digital currency regulations.

Old-fashioned banks and neobanks are both finding the battle for acquiring customers to be treacherous. So BankMobile, a mobile-first banking service, has launched an innovation lab-like division seeking new tech that could attract thousands of new customers per month.

Target Corp. reached a settlement with Visa Inc. over a hacker attack that struck the chain during the 2013 holiday season and exposed millions of customers' personal information.

Ashley Madison, an online extramarital dating service that claims to protect users' privacy and security, has had its customer database compromised.

Treasury Deputy Secretary Sarah Bloom Raskin told a group of bankers that law enforcement and regulators need to declassify more information so banks can protect themselves.

The executive in charge of protecting JPMorgan Chase & Co.'s computer network from hackers has been reassigned, after a year on the job that included controversy over his handling of a massive data breach and the departure of several top security team members.

Heartland Payment Systems has reported it suffered another data breach last month.

A visit to an overnight shipping store in Napa Valley reveals that outdated payment-processing procedures remain de rigueur with some merchants — despite the fraud risk.

MasterCard issuers had to cast at least 90% of their votes in favor of the Target settlement by May 20, and not enough did, the companies said. Banks and credit unions will fight for a better deal.