Data breaches

Consumer trust is hard to win, easy to lose, and eroding daily as attackers achieve success with fraudulent transactions, says NuData Security's Justin Fox.

Many companies have tools in place alerting them to possible security issues, but if companies get a large volume of issues, this quickly overwhelms the ability for security and risk professionals to analyze, prioritize, and remediate, writes DivvyCloud's Chris DeRamus.

At the same time, consumers hold banks to tougher disclosure standards than government agencies, health care organizations and retailers, according to Experian.

With lots of day-to-day IT tasks and countless systems to configure, it's easy to make mistakes, says Brian Kelly, CEO of CloudBolt.

Not only does it illustrate the willingness of regulators to impose massive fines for massive data breaches, it also reminds us that this situation could be just the tip of a financial iceberg, says White Hat Security's Mark Rogan.

There is always the chance that privileged employees will either become bad actors who use their access to confidential data for their own gain, or that they will succumb to a hacking attempt and thereby open the door to an external bad actor, says Unisys' Maria Allen.

Human error makes credit unions vulnerable to cybersecurity threats, but executives can fight this by setting up the right processes and technology.

Machine learning can build a layered defense, and analysts don't have to spend as much time combing through data to spot threats, says Exabeam's Anu Yamunan.

A senior official at the European Central Bank warned that banks embracing external data storage and other digital technology need to face the reality that those systems are inviting targets for hackers.

The Massachusetts Democrat is questioning a claim by the agency about the amount of redress available to those affected by the credit bureau's 2017 data breach.

There is no silver bullet when it comes to cybersecurity—and that goes double for the cloud, says Justin Fier, director for cyber intelligence and analysis at Darktrace.

From housing finance to Facebook’s crypto plans, moderators questioning the presidential candidates in Texas next month would have no shortage of financial policy topics from which to pick.

The Massachusetts senator asked Richard Fairbank in a letter why the bank didn’t detect the breach for nearly four months and how it plans to prevent future cyber intrusions.

Many businesses are not doing enough to protect their client sensitive PII information. They do not realize that internet and cloud services are not bullet-proof, says Pravin Kothari, founder and CEO of CipherCloud.

Under the regulation, banks and financial services providers must secure their own systems as well as implement third-party risk management programs, which can mitigate insider threats from third parties, says Michael Magrath, director of global regulations and standards for OneSpan.

JPMorgan Chase ends business loan partnership with OnDeck; Truist out to prove it can best the megabanks in tech; Capital One's data breach was bad, but it could've been worse; and more from this week's most-read stories.

Most cloud storage systems have gaps that open the door to account takeover, API attacks and other threats, argues Pravin Kothari, founder and CEO of CipherCloud.

Readers react to Capital One's massive data breach and The Bancorp's expansion in CRE securitizations, defend fintechs offering retirement plans and more.

Three GOP members of Congress have sent letters to the companies requesting staff-level briefings on the breach in which an ex-employee of Amazon Web Services illegally accessed data of more than 100 million people who had Capital One credit cards or had applied for them.

The Federal Trade Commission just updated its website with disappointing news: No, you aren’t getting $125 because of the Equifax Inc. data breach.