Data breaches

The Tennessee company said an unauthorized party gained access to dozens of accounts and obtained less than $1 million from some of those accounts.

The Michigan bank is the latest company to have customer data compromised through a software vulnerability. The incident reinforces the importance of attack simulations, constant searches for intrusions and exchanges of intel with peers.

Federal banking agencies want to give the industry a hard deadline for notifying their regulators about serious security breaches and failed system upgrades.

It has been 15 years since the federal banking agencies issued guidance on an institution’s obligation to inform its regulator about a cyberattack. A proposal to be unveiled this week could establish a more specific notification deadline.

It's important that breach mitigation strategies take younger people, gaming and school into account, says ForgeRock's Ben Goodman.

Good communication is integral to facilitating collaboration between departments and offering a reminder that security is not achieved solely within the IT department; rather, it is a team effort, says KnowBe4's Javvad Malik.

The regulator found that the financial services company failed to take precautions in disposing of hardware that contained sensitive customer information.

It’s about time that we stopped ranking personal data theft on perceived severity. Any breach in which personal data is stolen needs to be treated as highly serious and punishable, says Juniper Networks’ Laurence Pitt.

This information can be used to access bank accounts and combined with other information on the dark web to access social media profiles, email accounts and more, says Jumio's Robert Prigge.

Businesses must take steps to manage Shadow Code data breach risk by applying timely security patches and upgrading vulnerable open source libraries and third-party plugins, says PermiterX's Ameet Naik.

The actual exposure could be more than ten times the initial breach, due to downstream sales of data, says Bitglass' Anurag Kahol.

Regulators found fault with the bank’s cloud migration efforts in the years that preceded a 2019 hacking incident.

Over the weekend, hackers broke in through a third-party vendor to steal names, email addresses and other personally identifiable information.

The Federal Financial Institutions Examination Council is best suited to craft uniform policies to protect consumer data. A patchwork of state rules is cumbersome.

The Federal Financial Institutions Examination Council is best suited to craft uniform policies to protect consumer data. A patchwork of state rules is cumbersome.

The Credit Union National Association filed the class action suit in 2017 after roughly 147 million people had personal information exposed through a hack of the credit reporting agency.

The most effective way to avoid cloud payment breaches is by dramatically reducing access, says CloudKnox Security's Balaji Parimi.

The challenge has been aligning the data-sharing ecosystem in a way that simplifies access and enhances consumer control while ensuring a high level of security, says Finicity's Steve Smith.

In spite of MGM’s quickly notifying hotel guests impacted by the breach in accordance with applicable state laws, it’s a clear concern that many of the contact details were still valid, particularly the phone numbers, says Shared Assessments' Tom Garrabba.

The Payment Card Industry data security standard applies to organizations of all sizes, but has often been seen as an intro to data security for small-business owners who know more about cooking burgers than securing data.