2023, Financial Services and Security - Information Management Today

Toyota Financial Services discloses a data breach

Security Affairs

DECEMBER 11, 2023

Toyota Financial Services (TFS) disclosed a data breach, threat actors had access to sensitive personal and financial data. Toyota Financial Services (TFS) is warning customers it has suffered a data breach that exposed sensitive personal and financial data.

Financial Services

Financial Services Data breaches Ransomware Insurance

Medusa ransomware gang claims the hack of Toyota Financial Services

Security Affairs

NOVEMBER 17, 2023

Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company. Toyota Financial Services confirmed the discovery of unauthorized activity on systems in a limited number of its locations. The company has yet to disclose a data breach.

Financial Services

Financial Services Ransomware Data breaches Insurance

DarkCasino joins the list of APT groups exploiting WinRAR zero-day

Security Affairs

NOVEMBER 20, 2023

The DarkCasino APT group leveraged a recently disclosed WinRAR zero-day vulnerability tracked as CVE-2023-38831. Researchers at cybersecurity firm NSFOCUS analyzed DarkCasino attack pattern exploiting the WinRAR zero-day vulnerability tracked as CVE-2023-38831. ” reads the report published by NSFOCUS.

Phishing

Phishing Archiving Financial Services Cybersecurity

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Industrial and Commercial Bank of China (ICBC) suffered a ransomware attack

Security Affairs

NOVEMBER 10, 2023

Treasury market and impacted some fixed income and equities transactions “The Securities Industry and Financial Markets Association first told members on Wednesday that ICBC Financial Services had been hit by ransomware software, which paralyses computer systems unless a payment is made, several people familiar with the discussions said.”

Ransomware

Ransomware Financial Services Marketing Authentication

A massive DDoS attack took down the site of the German financial agency BaFin

Security Affairs

SEPTEMBER 4, 2023

The BaFin is responsible for overseeing banks, insurance companies, investment firms, and other financial institutions. BaFin also regulates the securities markets and the financial services industry. Aufgrund eines DDoS-Angriffs ist die BaFin-Website seit Freitag, 01.09.23, nur eingeschränkt erreichbar.

Financial Services

Financial Services Military Insurance Marketing

ICICI Bank exposed credit card data of 17000 customers

Security Affairs

APRIL 28, 2024

ICICI Bank Limited is an Indian multinational bank and financial services company headquartered in Mumbai. It offers a wide range of banking and financial services for corporate and retail customers. However, we assure that the Bank will appropriately compensate a customer in case of any financial loss.”

Financial Services

Financial Services Retail IT Information Security

Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum

Security Affairs

AUGUST 20, 2024

branch of Toyota, stealing 240GB of files containing information on Toyota employees, customers, contracts, and financial details. However, the company attempted to downplay the incident claiming that the security breach is limited in scope. Toyota Financial Services (TFS) is the finance arm of the Toyota Motor Corporation.

Data breaches

Data breaches Financial Services Archiving Passwords

Akamai prevented the largest DDoS attack on a US financial company

Security Affairs

SEPTEMBER 10, 2023

“On September 5, 2023, at approximately 19:31 UTC, Akamai Prolexic, our distributed denial-of-service (DDoS) defense platform, successfully detected and prevented the largest DDoS attack directed at one of the biggest and most influential U.S. financial institutions on the Prolexic platform.” gigabits per second.

Financial Services

Financial Services Ransomware Cybersecurity IT

Vendor Email Compromise Attacks Against Financial Services Surge 137% Last Year

KnowBe4

FEBRUARY 2, 2024

Analysis of 2023 attacks shows how the financial services industry had a very bad year, with increases in both vendor email compromise (VEC) and business email compromise (BEC) attacks, targeting millions of dollars using very specific methods.

Financial Services

Financial Services Security awareness Security

Law enforcement operation seized Ragnar Locker group’s infrastructure

Security Affairs

OCTOBER 19, 2023

“As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors,” reads the FBI’s flash alert.

Ransomware

Ransomware Financial Services Manufacturing Government

Defending Financial Services Against Fraud in a Shifting Cyber Landscape

Thales Cloud Protection & Licensing

NOVEMBER 13, 2023

Defending Financial Services Against Fraud in a Shifting Cyber Landscape sparsh Tue, 11/14/2023 - 05:05 As we approach International Fraud Awareness Week during 12-18 November 2023, taking stock of the evolving threat landscape and the vulnerabilities that financial services organizations face is crucial.

Financial Services

Financial Services Blockchain Encryption Cloud

Infosys McCamish Systems data breach impacted over 6 million people

Security Affairs

JUNE 29, 2024

Infosys McCamish Systems (IMS) revealed that the 2023 data breach following the LockBit ransomware attack impacted 6 million individuals. IMS specializes in providing business process outsourcing (BPO) and information technology (IT) services specifically tailored for the insurance and financial services industries.

Data breaches

Data breaches e-Discovery Ransomware Insurance

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Security Affairs

DECEMBER 22, 2023

Nissan already notified the Australian Cyber Security Centre and the New Zealand National Cyber Security Centre. The Australian and New Zealand Nissan Corporation and Financial Services (“Nissan”) advises that its systems have been subject to a cyber incident. reads the statement published by the company on its website.

Ransomware

Ransomware Data breaches Financial Services Archiving

The Number of Ransomware Attacks Around the World Increased by 73% in 2023

KnowBe4

SEPTEMBER 30, 2024

The number of ransomware attacks around the world increased by 73% in 2023, according to a new report by the Institute for Security and Technology’s Ransomware Task Force (RTF).

Ransomware

Ransomware Financial Services Government Security

Nissan Oceania data breach impacted roughly 100,000 people

Security Affairs

MARCH 14, 2024

The ransomware attack that hit the systems of Nissan Oceania in December 2023 impacted roughly 100,000 individuals. Nissan Oceania, the regional division of the multinational carmaker, announced in December 2023 that it had suffered a cyber attack and launched an investigation into the incident.

Data breaches

Data breaches Financial Services Ransomware Government

News alert: Gcore Radar reveals 56% rise in DDoS attacks – gaming industry targeted the most

The Last Watchdog

FEBRUARY 11, 2025

11, 2025, CyberNewswire — Gcore , the global edge AI, cloud, network, and security solutions provider, today announced the findings of its Q3-Q4 2024 Radar report into DDoS attack trends. Q3-Q4 2024 highlights Compared to Q3Q4 2023, the number of DDoS attacks have risen by 56%, which highlights a steep long-term growth trend.

Financial Services

Financial Services Cloud Ransomware Security

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

JUNE 15, 2023

Help us #StopRansomware by visiting [link] pic.twitter.com/G5jpxtB0Fw — Cybersecurity and Infrastructure Security Agency (@CISAgov) June 14, 2023 The LockBit ransomware operation was the most active in 2022 and according to the researchers it is one of the most prolific RaaS in 2023. was the prevalent variant in 2023.

Ransomware

Ransomware Cybersecurity Agriculture Education

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

IBM Cloud releases 2023 IBM Cloud for Financial Services Agreed-Upon Procedures (AUP) Report

IBM Big Data Hub

MAY 23, 2023

IBM Cloud completed its 2023 independent review of IBM Cloud services and processes. The review report demonstrates to its clients, partners and other interested parties that IBM Cloud services have implemented and adhere to the technical, administrative and physical control requirements of IBM Cloud Framework for Financial Services.

Financial Services

Financial Services Cloud Compliance Risk

Latitude Data breach is worse than initially estimated. 14 million individuals impacted

Security Affairs

MARCH 28, 2023

Australian loan giant Latitude Financial Services (Latitude) revealed that a data breach its has suffered impacted 14 million customers. The data breach suffered by Latitude Financial Services (Latitude) is much more serious than initially estimated. Latitude reported the security breach to the Australian Federal Police.

Data breaches

Data breaches Financial Services Passwords Security

Mitigating the impact of climate change in insurance and other financial services

IBM Big Data Hub

MARCH 25, 2024

The US experienced 25 extreme weather events in 2023, each causing losses of over USD 1 billion, with a total cost of USD 73.8 These climate events have a huge potential impact on financial institutions. Across the financial sector, there are transition risks to consider as we move to a low-carbon economy.

Financial Services

Financial Services Insurance Risk Agriculture

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Data Protection Report

NOVEMBER 8, 2023

On November 1, 2023, the New York Department of Financial Services (“NYDFS”) released the finalized amendments of Part 500 of its cybersecurity regulations. On December 1, 2023, the initial updates to existing reporting requirements will go into effect.

Financial Services

Financial Services Cybersecurity Compliance Government

The largest Russian bank Sberbank hit by a massive DDoS attack

Security Affairs

NOVEMBER 9, 2023

Sberbank , the Russian banking and financial services giant, announced that it was recently hit by a record-breaking distributed denial of service (DDoS) attack that reached 1 million RPS. Then it did not affect the availability of bank services.

Personal data

Personal data Financial Services Marketing Cloud

New Cybersecurity Rules for Financial Institutions in New York State Take Effect November 1, 2024

Thales Cloud Protection & Licensing

OCTOBER 24, 2024

New Cybersecurity Rules for Financial Institutions in New York State Take Effect November 1, 2024 madhav Fri, 10/25/2024 - 06:09 The next major deadline for compliance with the updated cybersecurity rules from the New York State Department of Financial Services (NYDFS) is November 1, 2024.

Cybersecurity

Cybersecurity Financial Services Encryption Compliance

CHINA: New draft proposes more stringent requirements for processing data in the financial services industry

DLA Piper Privacy Matters

AUGUST 8, 2023

Authors: Carolyn Bigg, Amanda Ge and Venus Cheung On July 24, 2023, the People’s Bank of China (“ PBOC ”) released the Measures for the Management of Data Security in the Business Areas Falling into PBOC’s Jurisdiction (Draft for Comment) (“ Draft Measures” ) for public consultation, which closes on August 24, 2023.

Financial Services

Financial Services Personal data Compliance Data collection

Remcos RAT campaign targets US accounting and tax return preparation firms

Security Affairs

APRIL 16, 2023

The phishing attacks began in February 2023, the IT giant reported. The recent campaign exclusively aims at organizations that deal with tax preparation, financial services, CPA and accounting firms, and professional service firms dealing in bookkeeping and tax. Ahead of the U.S. LNK) files.

Phishing

Phishing Financial Services Education Cybersecurity

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Security Affairs

JUNE 6, 2024

” said Bryan Vorndran, the Assistant Director at the FBI Cyber Division, during the 2024 Boston Conference on Cyber Security. The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Encryption

A Russian national charged for committing LockBit Ransomware attacks

Security Affairs

JUNE 16, 2023

The US authorities arrested the man in Arizona last month DoJ states that from at least as early as August 2020 to March 2023, Astamirov and other members of the LockBit ransomware gang committed wire fraud and compromised many computer systems worldwide attempting to extort the victims of ransomware attacks. law enforcement).

Ransomware

Ransomware Agriculture Education Government

Solid Data Security: The Foundation of a Safe Digital World

Thales Cloud Protection & Licensing

OCTOBER 16, 2024

Solid Data Security: The Foundation of a Safe Digital World madhav Thu, 10/17/2024 - 04:58 It’s that time of year again. This year’s theme, “Secure Our World,” encourages people to safeguard the digital assets that are instrumental to their personal and professional lives. Oh, and it’s Cybersecurity Awareness Month. The result?

Security

Security Encryption Data breaches Cybersecurity

A massive phishing campaign using QR codes targets the energy sector

Security Affairs

AUGUST 16, 2023

Starting from May 2023, researchers from Cofense discovered a large-scale phishing campaign using QR codes in attacks aimed at stealing the Microsoft credentials of users from multiple industries One of the organizations targeted by hackers is a notable energy company in the US. com (Cloudflare’s Web3 services).

Phishing

Phishing Energy and Utilities Insurance Manufacturing

RSAC Fireside Chat: The need to stop mobile apps from exposing API keys, user credentials in runtime

The Last Watchdog

MAY 23, 2023

Related: Collateral damage of T-Mobile hack Yet, APIs have also exponentially increased the attack vectors available to malicious hackers – and the software community has not focused on slowing the widening of this security gap. I learned this from Ted Miracco , CEO of Approov , in a discussion we had at RSA Conference 2023.

Digital transformation

Digital transformation Financial Services Encryption Communications

News alert: Detectify’s EASM research reveals top overlooked vulnerabilities from 2023

The Last Watchdog

DECEMBER 12, 2023

12, 2023 – Detectify , the External Attack Surface Management platform powered by elite ethical hackers, has today released its “ State of EASM 2023 ” report. Over-reliance on frameworks like the CVE program weakens organizations’ security posture and gives them an unrealistic sense of security. •No

Financial Services

Financial Services Risk Communications Marketing

OCR Labs exposes its systems, jeopardizing major banking clients

Security Affairs

APRIL 6, 2023

Financial services are the main target for cybercriminals, so the threat for the organizations and their customers is severe. While financial services are the main target for cybercriminals, the threat to the organizations and their customers is severe. Cybernews contacted OCR Labs, and the company fixed the issue.

IT

IT Financial Services Access Risk

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free. In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

Fraud Awareness Week: How to Effectively Protect Your Data and Combat Fraudsters

Thales Cloud Protection & Licensing

NOVEMBER 18, 2024

Thanks to AI, fraud attempts and successful attacks are alarmingly common and more advanced, with many businesses experiencing substantial financial losses directly resulting from these crimes. As stated in the Nasdaq 2024 financial crime report, projected losses from fraud schemes reached $485.6 billion globally in 2023.

Financial Services

Financial Services Encryption Digital transformation Compliance

Collibra Data Intelligence: tackle 2023’s biggest data challenges

Collibra

JANUARY 31, 2023

So CIOs around the world are making their 2023 technology wish lists for the solutions that will help drive data intelligence into the new year. Privacy and protection regulations are growing in numerous industries (such as financial services) and geographic regions (including the EU, Australia, California, and Nevada).

Digital transformation

Digital transformation Data Privacy Privacy Cloud

FiXS, a new ATM malware that is targeting Mexican banks

Security Affairs

MARCH 4, 2023

Researchers at Metabase Q discovered a new ATM malware, dubbed FiXS, that was employed in attacks against Mexican banks since February 2023. Researchers at Metabase Q recently spotted a new ATM malware, dubbed FiXS, that is currently targeting Mexican banks. The name comes from the malware’s code name in the binary.

Metadata

Metadata Financial Services IT Access

Predictions for the financial services industry in 2024

OpenText Information Management

NOVEMBER 22, 2023

The word ‘rollercoaster’ best sums up 2023. All of these elements have put pressure on the financial … The post Predictions for the financial services industry in 2024 appeared first on OpenText Blogs.

Financial Services

Financial Services Artificial Intelligence Customer Experience Content services

Catches of the Month: Phishing Scams for October 2023

IT Governance

OCTOBER 13, 2023

October is both Cybersecurity Awareness Month in the US and European Cyber Security Month in the EU – twin campaigns on either side of the Atlantic that aim to improve awareness of the importance of cyber security both at work and at home, and provide tips on how to stay secure.

Phishing

Phishing Financial Services Manufacturing Personal data

DORA: 1 year to go! Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds

Thales Cloud Protection & Licensing

JANUARY 16, 2024

Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds madhav Wed, 01/17/2024 - 05:46 The Digital Operational Resilience Act (DORA) will apply to the EU financial sector from 17 January 2025. As set out in its Article 2, DORA applies to the entire financial services sector.

Financial Services

Financial Services Cloud Cybersecurity Encryption

The Week in Cyber Security and Data Privacy: 6 – 12 November 2023

IT Governance

NOVEMBER 13, 2023

On 14 September, Mulkay discovered that the compromised files contained personal information, including “name, address, date of birth, Social Security number, driver’s license number or state ID, medical treatment information, and health insurance information”. Records breached: 79,582 Ontario hospitals update: information relating to 5.6

Data Privacy

Data Privacy Privacy Security Data breaches

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

IT Governance

DECEMBER 11, 2023

Researchers from the German cyber security company Aplite discovered 3,806 servers from 111 countries accessible on the Internet. Source (New) Public Germany Unknown Unknown Bayerische Landesbank Source (New) Finance Germany Unknown Unknown Münchner Verkehrs-gesellschaft Source (New) Transport Germany Unknown Unknown Berlin.de

Data Privacy

Data Privacy Energy and Utilities Privacy Manufacturing

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free. In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023.

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

Resecurity identified the investment scam network ‘Digital Smoke’

Security Affairs

FEBRUARY 27, 2023

and over $77 worldwide (2022), with significant rapid growth at the start of Q1 2023. A FINRA survey points to health, marital and trust problems resulting from financial scams. One of the latest brands abused in January 2023 was identified as ACWA Power based in the Kingdom of Saudi Arabia. billion in the U.S

Marketing

Marketing Financial Services Government Sales

Toyota Financial Services discloses a data breach

Medusa ransomware gang claims the hack of Toyota Financial Services

Webinars

Trending Sources

DarkCasino joins the list of APT groups exploiting WinRAR zero-day

Webinars

Industrial and Commercial Bank of China (ICBC) suffered a ransomware attack

A massive DDoS attack took down the site of the German financial agency BaFin

ICICI Bank exposed credit card data of 17000 customers

Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum

Akamai prevented the largest DDoS attack on a US financial company

Vendor Email Compromise Attacks Against Financial Services Surge 137% Last Year

Law enforcement operation seized Ragnar Locker group’s infrastructure

Defending Financial Services Against Fraud in a Shifting Cyber Landscape

Infosys McCamish Systems data breach impacted over 6 million people

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

The Number of Ransomware Attacks Around the World Increased by 73% in 2023

Nissan Oceania data breach impacted roughly 100,000 people

News alert: Gcore Radar reveals 56% rise in DDoS attacks – gaming industry targeted the most

Cybersecurity agencies published a joint LockBit ransomware advisory

Operation Cronos: law enforcement disrupted the LockBit operation

IBM Cloud releases 2023 IBM Cloud for Financial Services Agreed-Upon Procedures (AUP) Report

Latitude Data breach is worse than initially estimated. 14 million individuals impacted

Mitigating the impact of climate change in insurance and other financial services

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

The largest Russian bank Sberbank hit by a massive DDoS attack

New Cybersecurity Rules for Financial Institutions in New York State Take Effect November 1, 2024

CHINA: New draft proposes more stringent requirements for processing data in the financial services industry

Remcos RAT campaign targets US accounting and tax return preparation firms

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

A Russian national charged for committing LockBit Ransomware attacks

Solid Data Security: The Foundation of a Safe Digital World

A massive phishing campaign using QR codes targets the energy sector

RSAC Fireside Chat: The need to stop mobile apps from exposing API keys, user credentials in runtime

News alert: Detectify’s EASM research reveals top overlooked vulnerabilities from 2023

OCR Labs exposes its systems, jeopardizing major banking clients

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Fraud Awareness Week: How to Effectively Protect Your Data and Combat Fraudsters

Collibra Data Intelligence: tackle 2023’s biggest data challenges

FiXS, a new ATM malware that is targeting Mexican banks

Predictions for the financial services industry in 2024

Catches of the Month: Phishing Scams for October 2023

DORA: 1 year to go! Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds

The Week in Cyber Security and Data Privacy: 6 – 12 November 2023

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

More details about Operation Cronos that disrupted Lockbit operation

Resecurity identified the investment scam network ‘Digital Smoke’

Stay Connected