All Cybersecurity articles – Page 17
-
ArticleBanking guidance: Six key areas of FinTech due diligence
Three federal banking regulators have released guidance offering tips and suggestions to community banks for conducting due diligence on potential FinTech partners.
-
ArticleCEO: T-Mobile ‘humbled’ by data breach, taking steps to prevent future attacks
T-Mobile CEO Mike Sievert lamented the recent breach of company servers that led to a hacker stealing the personal information of nearly 55 million customers, but said the company is “fully committed to take our security efforts to the next level.”
-
ArticleT-Mobile ups compromised customer account total to 55M
A “highly sophisticated” cyber-attack illegally accessed nearly 55 million customer records of mobile phone carrier T-Mobile, the largest such attack against the company that has been hit at least four previous times since 2018.
-
ArticleT-Mobile the least surprising data breach of 2021
Cyber-attacks catch most companies and their customers off guard, but T-Mobile, the victim of at least five data breaches since 2018, had many red flags indicating its vulnerability ahead of its latest incident.
-
ArticlePearson fined $1M for misleading data breach disclosures
U.K.-based education company Pearson has agreed to pay $1 million as part of a settlement with the Securities and Exchange Commission for misleading investors regarding a 2018 data breach.
-
ArticleFINRA notice outlines key areas for supervising third parties
The Financial Industry Regulatory Authority issued a notice on compliance deficiencies arising from firms’ relationships with vendors culled from examination findings.
-
ArticleWhat factors are driving change in your corporate investigations process?
A recent survey from Compliance Week and OpenText reveals while investigations and data volumes are on the rise, machine learning combined with external expertise may give companies the upper hand in accelerating response and results.
-
ArticleQ&A: How Kaiser Permanente has handled change brought by COVID-19
Vanessa Benavides, chief compliance and privacy officer and senior VP at Kaiser Permanente, shares how the company adjusted its policies and procedures because of COVID-19 and the lessons she learned along the way.
-
ArticleJudge dismisses CCPA-related lawsuit against Walmart
A federal judge in California dismissed a lawsuit alleging a data breach at Walmart was a violation of the California Consumer Privacy Act, noting the plaintiff failed to prove a breach occurred.
-
ArticleRobinhood Crypto anticipates $10M penalty for cyber, AML failures
Robinhood Markets said its cryptocurrency platform might face a penalty of “at least” $10 million from the New York State Department of Financial Services for anti-money laundering and cyber-security failures.
-
ArticleBritish Airways settles 2018 data breach class action
British Airways has settled one of the U.K.’s largest group actions after thousands of people sought compensation following a 2018 data breach that resulted in the airline being fined under the GDPR.
-
ArticleTPRM 2021: What to do before, during, and after a ransomware attack
Two risk and compliance practitioners opened their cyber-playbooks at CW’s TPRM virtual event, explaining how to identify and address vulnerabilities, establish transparency with vendors, and strengthen an organization’s incident management program.
-
ArticleTakeaways from NYDFS ransomware guidance
The New York State Department of Financial Services has issued guidance for regulated entities describing best practices for reducing the risk of a ransomware attack.
-
ArticlePandemic effect on TPRM practices here to stay, expert warns
With many businesses still sorting through the new layers of risk that have emerged over the last 16 months, Linda Tuck Chapman of the Third Party Risk Institute shared her top areas of focus and more at CW’s virtual TPRM event.
-
ArticleBig week for breaches: McDonald’s, Carnival, and more
Multiple high-profile companies—including Carnival, Wegmans, McDonald’s, Volkswagen, and CVS—have confirmed in recent days they were either victims of a data breach or were alerted to a gap in their security controls.
-
ArticleFirst American Financial settles SEC charges for cyber-security failures
First American Financial Corp. reached a $487,616 settlement with the SEC for failing to maintain cyber-security disclosure controls and procedures that exposed more than 800 million title insurance records containing sensitive customer information.
-
ArticleSEC rulemaking list 2021: ESG, cyber-risk governance among highlights
The SEC’s spring 2021 rulemaking list is brimming with proposed regulations that would enhance ESG-related disclosures for public companies in areas like climate change, board diversity, human capital management, and cyber-security risk governance.
-
ArticleJBS USA confirms $11M ransom payment to hackers
Meatpacker JBS USA announced it paid the equivalent of $11 million in ransom in response to a May cyber-attack that impacted its operations in North America and Australia.
-
ArticleAssessing yet another ransomware attack on critical supplier (JBS)
Meatpacker JBS USA has become the latest critical infrastructure company to be targeted by a ransomware attack, which temporarily halted its global operations. The attack brings with it implications for the food and agriculture industries.
-
ArticleColonial Pipeline fallout: Thwarting ransomware attacks requires collective defense
President Biden’s executive order on cyber-security largely applies to federal agencies. But its core message—that the public and private sectors must collectively defend against increasingly malicious ransomware attacks—should not be lost on companies.