Data breaches

Under the regulation, banks and financial services providers must secure their own systems as well as implement third-party risk management programs, which can mitigate insider threats from third parties, says Michael Magrath, director of global regulations and standards for OneSpan.

JPMorgan Chase ends business loan partnership with OnDeck; Truist out to prove it can best the megabanks in tech; Capital One's data breach was bad, but it could've been worse; and more from this week's most-read stories.

Most cloud storage systems have gaps that open the door to account takeover, API attacks and other threats, argues Pravin Kothari, founder and CEO of CipherCloud.

Readers react to Capital One's massive data breach and The Bancorp's expansion in CRE securitizations, defend fintechs offering retirement plans and more.

Three GOP members of Congress have sent letters to the companies requesting staff-level briefings on the breach in which an ex-employee of Amazon Web Services illegally accessed data of more than 100 million people who had Capital One credit cards or had applied for them.

The Federal Trade Commission just updated its website with disappointing news: No, you aren’t getting $125 because of the Equifax Inc. data breach.

The hack prompts renewed concerns about security of data held in the cloud; lawmakers acknowledge that Facebook’s proposed Libra cryptocurrency could have applications for law enforcement.

The ongoing availability of stolen account information used to perpetrate vishing and phishing was exacerbated by the Capital One data breach disclosed this week, affecting 100 million accounts, and is likely to increase fraud threats.

A breach that compromises personal data of more than 100 million people is never good, but the company did follow some security best practices.

Capital One Financial lost data from as many as tens of millions of credit card applications after a Seattle woman hacked into a cloud-computing company server, federal prosecutors in Seattle said.