Skip to main content
Skip to navigation

Regulatory Enforcement

SEC orders Equiniti to pay $850K over alleged lax cybersecurity

By Adrianne Appel2024-08-21T21:03:00

Equiniti Trust Company has agreed to pay $850,000 to the Securities and Exchange Commission (SEC) to settle allegations that its failed security measures allowed millions in client funds to be stolen in two cyber incidents.

Equiniti, formerly known as American Stock Transfer & Trust Company, experienced two cyber intrusions, in 2022 and 2023, respectively, which led to the loss of more than $6.6 million in client funds, the SEC said a press release Tuesday. American Stock reimbursed clients who experienced losses, the agency noted.

However, it was American Stock’s poor security measures that allowed the intruders to be successful at stealing client assets, the SEC said in its order.

THIS IS MEMBERS-ONLY CONTENT

You are not logged in and do not have access to members-only content.

If you are already a registered user or a member, SIGN IN now.

Related articles

News Brief
Government contractor fined $307K after third-party hack compromised personal data

2024-10-16T15:34:00Z By Aaron Nicodemus

It was a double whammy of cybersecurity no-nos for a federal contractor hit with a data breach: The personal data of Medicare beneficiaries contained in unencrypted screenshots were allegedly compromised when their third-party vendor’s server was hacked.
Premium
Expert: Clorox ‘trying to do the right thing’ with rapid cyberattack disclosures

2023-10-05T19:58:00Z By Adrianne Appel

The timing of a recent cyberattack against Clorox juxtaposed against the Securities and Exchange Commission’s adoption of its cybersecurity incident disclosure rule soon to take effect has presented a case study regarding how companies might seek to meet the requirements of the rule.
Blog
Some key cyber-security tips for financial firms

2017-01-31T14:00:00Z By John Reed Stark

As the SEC and FINRA are taking cyber-security much more seriously, John Reed Stark outlines a few ways in which financial firms can also do more to protect their data.

More from Regulatory Enforcement

Article
Top Ethics and Compliance Failures of 2025

2025-12-17T20:09:00Z By Adrianne Appel

The 2025 year has been so rich with compliance stinkers, and rife with poor judgment, compliance missteps, outright malfeasance and greed, greed, greed, that it was almost impossible to choose just six epic compliance failures from this year’s massive poop pile.
Article
FATF focus on criminal asset recovery points to a more investigatory role for compliance

2025-12-11T21:18:00Z By Ruth Prickett

Global organised crime is booming, and only 1 to 2 percent of the $4 trillion black economy is intercepted, according to figures from the Financial Action Task Force. Its new guidance suggests that countries should focus on rapid investigations, collaborative intelligence gathering, and confiscating the proceeds of criminal activity.
Article
Crypto network Paxful will plead guilty to BSA violations, pay $4M fine, shut down

2025-12-11T21:14:00Z By Oscar Gonzalez

Paxful, a crypto peer-to-peer network, will plead guilty to multiple federal criminal charges related to violations of the Bank Secrecy Act (BSA), among others. The plea agreement follows years of scrutiny from regulators over anit-money laundering (AML) compliance failures.