Links in “Cybersecurity/Data Breaches”

In order from most critical, the Center for Internet Security has compiled a list of the best security controls for credit unions. Most of the controls listed are pretty affordable, although they all require diligence from the IT department. [5/6/15]

Adding to the never ending list of hacked credit and debit card information, The Hard Rock Hotel & Casino Las Vegas announced a data breach. In a statement, the Hard Rock said the breach potentially affected consumers' names, card numbers, CVV codes, but not PIN numbers. The breach occurred from Sept. 3, 2014 to April 2, 2015.  [5/5/15]

Though convenient, new age tech payment trends are not always secure. But any way you dice it, these tech payment trends are on the rise among consumers. There are several big trends your institution may need to consider so as not be left in the dust. [5/5/15]

The bill calls for national data security standards and applies to companies that are not currently under federal regulatory requirements to protect consumer information.  The bill would require these companies to have comprehensive, tested data security programs in place that are appropriately based on the complexity and scope of the company’s operations and the sensitivity of the information it collects. [5/4/15]

Does your credit union have a strong “Bring Your Own Device” (BYOD) policy regarding employees that use their own personal devices (smartphones, iPads, etc) for work-related purposes? If not, you may be at risk for issues related to overtime reporting, work-related information versus personal information, smartphone bill reimbursement, and e-discovery in civil and criminal cases. [4/30/15]

It could be. This smart wallet works without a smart phone or the cloud, can carry up to 10,000 cards, and claims stronger security controls than competitors. Wocket protects whatever information is stored on it on a tamper-proof, encrypted chip protected by a biometric voice print. Wocket users maintain full control over their information, so it never uploads card data to a server or stores it on devices such as a smartphone. [4/30/15]

NCUA has made it clear that cybersecurity will be a hot button issue for examiners this year. To help credit unions, NCUA is hosting a free, 90-minute webinar entitled, "Cybersecurity Basics” during which a panel of experts will discuss the precautions that credit unions should be taking and the consequences of not adequately protecting member information. [4/30/15]

The judge overseeing the Target breach case did not rule on Monday on a motion by FIs to block the recent $19 million settlement offer between Target and Mastercard. This settlement could jeopardize the ability of credit unions involved in the class action suit to move forward. [4/29/15]

... is a good cyber offense. DOJ announces a new "all tools approach" to cracking down on cyber criminals. [4/23/15]

CUNA is using its grass roots action network to call out the troops (CU employees, volunteers and members) to contact their Senators and urge support for the Data Security Act of 2015.  This bill would impose stronger security standards on merchants and mandate that merchants notify consumers when a breach has occurred. [4/23/15]