Abanca fined $3.3M for missing 2-hour breach reporting deadline
By 
Neil Hodge2022-12-19T18:25:00
The European Central Bank (ECB) fined Spanish bank Abanca 3.145 million euros (U.S. $3.3 million) after it “knowingly failed” to report a major cyber breach within the prescribed two-hour time limit.
In February 2019, Abanca was targeted by a cyberattack that infected its IT systems with malicious software. The bank was forced to suspend payments through its internet and mobile banking services, cash machines, and SWIFT (Society for Worldwide Interbank Financial Telecommunications) payment services.
None of the bank’s customers suffered financial loss because of the breach.
Related articles
-
ArticleFormer Credit Suisse compliance officer charged with money laundering
A compliance officer is facing charges for laundering $7 million in a complex legal case in Switzerland. Swiss prosecutors have charged Credit Suisse, and one of its former employees, with failing to maintain adequate controls.
-
News BriefCFPB humility pledge reshapes exam process, as agency faces uncertain future
The U.S. Consumer Financial Protection Bureau’s Supervision Division introduced a new “humility pledge” last month that examiners will read aloud at the start of each oversight engagement. It’s another shift in how the organization handles itself under the Trump administration.
-
OpinionWhy the EU’s new Machinery Regulation is a wake-up call on cybersecurity
The European manufacturing industry is on the cusp of a regulatory shift that promises to reshape how machines are designed and operated.
More from Regulatory Enforcement
-
ArticleSan Francisco firm pays $11.4M for alleged Russia-related sanctions violations
A San Francisco-based private equity firm has agreed to pay $11.4 million to settle allegations it violated U.S. sanctions rules by handling investments for a sanctioned Russian oligarch.
-
ArticleCompany agrees to report to FTC for 10 years for alleged student data lapses
A tech company that stores student information for schools has agreed to implement a data security program and report to the Federal Trade Commission for 10 years, after security failures led to data for 10 million students being breached.
-
ArticleLarge wound care practice pays $45M, agrees to monitoring
One of the largest wound care practices in the nation and its founder have agreed to pay $45 million and be subjected to third-party monitoring, to settle allegations that the business intentionally overbilled Medicare by priming its electronic medical records system to do so.