Ransomware

The four lawsuits allege that attackers stole members' Social Security numbers, among other data. Patelco has not yet confirmed whether any data was stolen.

Ransomware group LockBit threatened on Sunday to publish the stolen data Tuesday evening. Ransomware experts said it was likely that the group was bluffing.

Though law enforcement agencies in the U.S. and Europe gained valuable intel on ransomware groups, many believe the hackers are likely to regroup and rebrand.

The gang allegedly had been involved in some of the highest-profile ransomware attacks against financial institutions of recent years.

Many of the attack vectors, including ransomware and phishing, will likely continue to plague the industry through 2024.

A third-party provider for credit unions failed to fix a long-patched vulnerability, according to a cybersecurity researcher who has studied the situation.

The cybercriminals said a new SEC rule required loan software company MeridianLink to report last week's breach, but the rule does not take effect until next month.

The market stayed open four extra hours to allow participants to reroute trades Thursday after an attack by cybercrime group Lockbit.

The new rules also expand the use of "proven protections," such as multifactor authentication, according to Adrienne Harris, superintendent of the New York State Department of Financial Services.

The bank suffered its third breach in three years, this time by virtue of a vulnerability in Progress Software's file-transfer system. But Flagstar is only one of many such victims.