Security News
An offshore Cayman Islands bank's backups, covering a $500 million investment portfolio, were left unsecured and leaking personal banking information, passport data and even online banking PINs. Once evidence was given to the bank of the exposed data, the information was passed onto a bank staffer with a college computer science background, the report added.
"The traditional processes that banks and other financial institutions employ are a bit resource-intensive and often those processes are manual so they've innovated to add some software modeling in an attempt to draw inferences from patterns that they see in their transactions and in their operations to help inform a potential theft, fraud or money laundering," said Michael Reed, director of the Blockchain Program at Intel. "But even those have high false-positive rates which can be disruptive to their customer relationships and also just cost them more time and money in their operations. Confidential computing is a new tool that banks and other corporations are using to help address their own security challenges. It's an emerging technology that helps secure data while it's in use."
Jack Wallen thinks banks and credit card companies need to start considering radical ideas to increase their security. How many times have you had your bank account information or credit card number stolen, only to see your accounts drained? When that happens, you have to not only work with the bank to get your funds back, but jump through all of the hoops when subscribed services start sending you alerts that your payment didn't go through.
Typing in your login data on the fake site exposes your credentials to the crooks because your password is sent to them instead of to your real mobile phone provider. As you can see from the list above, it's theoretically possible that getting your mobile phone account password hacked might give the crooks a way in to your bank account too, especially if you used the same password on your banking site as elsewhere.
The criminals who took out Scotland's Dundee and Angus College made a ransom demand that precisely added up to the contents of its bank account - and that was no accident, its principal has said. In a postmortem interview with academic IT nonprofit Jisc, Simon Hewitt lifted the lid on the 31 January ransomware attack, which went on for days and saw the college's entire IT estate almost completely wiped.
Mastercard announced Cyber Secure, an AI-powered suite of tools that allows banks to assess cyber risk across their ecosystem and prevent potential breaches. Acquiring banks can help merchants understand their own cyber risk, preventing hundreds of millions of dollars in potential fraud.
Details of bank vault floor plans, alarm systems and the security arrangements for Swedish authorities have been leaked online after a security company was hacked, local media reported Tuesday. A total of 19 gigabytes of information and around 38,000 files were stolen from security group Gunnebo by one or more hackers in August, according to newspaper Dagens Nyheter.
Behavox announced that Danske Bank has successfully implemented Behavox's solution in less than five months for compliance supervision. In June, Danske Bank partnered with Behavox to establish group wide compliance communications monitoring, and has since completed a seamless, full SaaS implementation of the Behavox Compliance solution.
Many banks across the U.S. and Canada are failing to meet their customers' online identity fraud and digital banking needs, according to a survey from FICO. Despite COVID-19 quickly turning online banking into an essential service, the survey found that financial institutions across North America are struggling to establish practices that combat online identity fraud and money laundering, without negatively impacting customer experience. 51 percent of North American banks are still asking customers to prove their identities by visiting branches or posting documents when opening digital accounts.
Documents filed by cloud software provider Blackbaud with the United States Securities and Exchange Commission this week reveal that bank account details and social security numbers might have been affected in a ransomware attack earlier this year. At the time, the company admitted to paying ransomware operators so that they would delete the data exfiltrated during the attack, but said that no personally identifiable information or bank account details were compromised.