The parent company of the Montgomery Ward website had at least 51,000 records stolen out of a database last December, but failed to notify its customers.
The breach, first detected by Citigroup, a financial services company, showed hackers found a way into HomeVisions.com, a separate website of Direct Marketing...
The Financial Modernization Act of 1999, AKA the Gramm-Leach-Bliley Act, or just plain GLBA.
However you know it, financial institutions now have had several years of regulatory oversight and examination on it, but some are still struggling to meet the regulation's myriad list of requirements, which include...
Eighty-seven percent of major data breaches could have been avoided through reasonable security measures.
This is the conclusion of a new report from Verizon Business Security Solutions, analyzing 500 forensic investigations of data breaches. Financial institutions made up 14 percent of all companies included in...
Keeping abreast of what's going on in the regulatory compliance domain is something I need to do. It's sort of the life-blood of my career these days, as I spend most of my time either managing or executing audit and assessment activities predicated upon the various regs. Beyond wanting to be certain that my clients...
I was talking the other day with a friend who works at an information security risk company. He shared with me the higher-level details of a physical penetration test on which he tagged along.
When a Dallas, TX bank needed some help to stop unauthorized data, it pulled out the biggest guns it could locate to stop the data leaking out of its networks.
The choice was a natural progression of what the bank was already doing to stop data loss, according to Omni American Bank's Chief Information Officer Tony...
We've known for roughly six months now that the Identity Theft Red Flags Rule compliance deadline is Nov. 1, barely four months away. How close, then, are banking institutions to meeting that deadline?
That is the question of the summer, and the answer will be found in the results of our new Identity Theft Red...
On one hand, this step does show that the business has made a conscientious effort to plug a major security hole.
But on the other, can't you see that first lawsuit filed by a breached customer saying "Hey, you gave me this stuff and said my PC was safe ...?"
Credit and debit card fraud: It's the threat that keeps growing and evolving.
A year ago, many banks and credit unions were forced to cancel and reissue thousands of cards as a result of the TJX breach. More recently, banks located in Indiana saw accounts breached from ATM or debit card transactions. Indiana law...
Two men have been charged with making hundreds of fraudulent withdrawals from New York City automatic teller machines earlier this year, taking more than $750,000 in cash.
In a federal indictment filed in the U.S. Southern District of New York, Yuriy Ryabinin, a 32-year-old Ukranian immigrant and Ivan Biltse, 30,...
Less than a month after TD BankNorth customers in New Hampshire were alerted by the bank that their Visa debit or credit cards may have been compromised comes news of a phishing email scam against the bank's customers. The bank, headquartered in Portland, ME, has $119 billion in assets and 1,100 locations on the east...
There was one thing that always bugged Steve Jones when he thought about customer data protection at his credit union - email via the Internet.
Email is so ubiquitous -- essential to communications both within the institution and with the outside world, including customers. But it's also fraught with security...
Just when you thought PCI deadlines were behind you ...
The deadline for compliance with the Payment Card Industry's Data Security Standard DSS (PCI-DSS) 6.6 requirement is June 30. This requirement describes security steps that are intended to address threats to web applications.
But industry analysts project...
The road to PCI compliance for retailers and financial institutions may have many wrecks along the way. But there are also some solid best-practices to lead the way for PCI laggards, says David Taylor, Research Director at the PCI Alliance.
What makes one company a compliance leader and another a loser when it...
An unencrypted backup tape is missing from the Bank of New York Mellon, potentially exposing information on 4.5 million customers of that bank and of People's United Bank of Bridgeport, CT.
The missing tape contains social security numbers and bank account information on 4.5 million customers - including several...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.