Links in “Cybersecurity/Data Breaches”

Here is some guidance on building a matrix to help develop a security posture that helps the organization's operations, rather than impeding it. [1/8/16]

Banks, who often lament that consumers don't care enough about security because they know their banks will bear the brunt of fraud losses, are looking for better ways to authenticate their customers. One example is one-time passwords, which a majority of surveyed customers found to be either an acceptable approach or were strongly in favor of it. [1/8/16]

Industry experts warn that we should expect to see more major data breaches in banking and POS applications in 2016. As customers and members demand more flexibility and mobile access, our vulnerability increases. This article highlights some of the forms these attacks are likely to take. [1/7/16]

Here are nine cyberattacks in 2015 that threatened the underlying foundation of trust for everything that is internet-based. [1/5/16]

The Office of Foreign Assets Control has published a final rule creating a new cyber-related sanctions program to block transactions with persons whose cyber activities threaten U.S. interests. This hasn't increased any institution's compliance burden . . . yet. [1/5/16]

In what is being called the biggest data breach of 2015, a database of 191 million voter records was  left unprotected for more than a week. Although the records did not include social security numbers or driver’s license numbers, the misconfigured database did include voter names, birthdates, email and snail mail addresses, telephone numbers, party affiliations, and state voter IDs. [1/4/16]

That was the question raised at a recent House sub-committee meeting. With new data breaches being announced almost daily, there is concern about the massive amount of data that the CFPB is collecting on consumers. While the full extent of the data the agency has collected is not known, it is known that the CFPB collects arbitration case records, automobile sales records, consumer credit report information, credit card details, credit scores, mortgage loan-level data, private student loan data, and payday loan information. [12/17/15]

Just two malware families installed on mobile devices intercepted 170,000 SMS messages, including a number of banking transactions, such as querying credit card numbers and bank balances. Key takeaway: be careful with the mobile apps you download and stick with well-known apps. [12/16/15]

The first most important defense weapon in combatting online credit card fraud is having well-trained analysts who know how to detect fraud and are armed with advanced detection software. The second most important weapon is in the hands of your members in the form of new technology and common sense. [12/15/15]

More details are emerging about the massive criminal enterprise through which a group of five individuals hacked into the highly secure servers of JPMorgan and other large financial institutions, ran an illegal payment processing scheme and, for a shorter time, took over a very small New Jersey credit union to help launder money. Federal prosecutors and federal regulators are not saying why the scheme was able to go on for over three years without detection. [12/14/15]