Financial Services and Information Security - Information Management Today

Toyota Financial Services discloses a data breach

Security Affairs

DECEMBER 11, 2023

Toyota Financial Services (TFS) disclosed a data breach, threat actors had access to sensitive personal and financial data. Toyota Financial Services (TFS) is warning customers it has suffered a data breach that exposed sensitive personal and financial data.

Financial Services

Financial Services Data breaches Ransomware Insurance

Medusa ransomware gang claims the hack of Toyota Financial Services

Security Affairs

NOVEMBER 17, 2023

Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company. Toyota Financial Services confirmed the discovery of unauthorized activity on systems in a limited number of its locations. The company has yet to disclose a data breach.

Financial Services

Financial Services Ransomware Data breaches Insurance

Threat actor says Interbank refused to pay the ransom after a two-week negotiation

Security Affairs

OCTOBER 31, 2024

Peruvian Interbank confirmed a data breach after threat actors accessed its systems and leaked stolen information online. Interbank , formally the Banco Internacional del Perú Service Holding S.A.A. is a leading Peruvian provider of financial services has over 2 million customers.

Data breaches

Data breaches Financial Services Passwords Security

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Fidelity Investments suffered a second data breach this year

Security Affairs

OCTOBER 14, 2024

US-based financial services company Fidelity Investments warns 77,000 individuals of a data breach that exposed their personal information. based financial services company Fidelity Investments is notifying 77,099 individuals that their personal information was compromised in an August cyberattack.

Data breaches

Data breaches Financial Services Access Security

ICICI Bank exposed credit card data of 17000 customers

Security Affairs

APRIL 28, 2024

ICICI Bank Limited is an Indian multinational bank and financial services company headquartered in Mumbai. It offers a wide range of banking and financial services for corporate and retail customers. The bank has a network of 6000 branches, and 17000 ATMs across India and has a presence in 17 countries.

Financial Services

Financial Services Retail IT Information Security

Reducing Risk by Breaking Down Supply Chain Siloes

Data Breach Today

AUGUST 3, 2022

Supply chain risk must be part of an enterprisewide risk management program framework, says information security manager Matt Marciniak of financial service firm Quantile. Reducing risk requires an agile approach to supplier management, he says.

Risk

Risk Financial Services Information Security Security

American Insurance firm State Farm victim of credential stuffing attacks

Security Affairs

AUGUST 7, 2019

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July.

Insurance

Insurance Data breaches Financial Services Passwords

Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum

Security Affairs

AUGUST 20, 2024

In December 2023, Toyota Financial Services (TFS) warned customers it had suffered a data breach that exposed sensitive personal and financial data. Toyota Financial Services (TFS) is the finance arm of the Toyota Motor Corporation.

Data breaches

Data breaches Financial Services Archiving Passwords

U.S. banking regulators order banks to notify cybersecurity incidents in 36 hours

Security Affairs

NOVEMBER 20, 2021

According to the Reuters , the banking industry had successfully completed a massive cross-industry cyber security drill to test the response to a ransomware attack that threatens to disrupt a range of financial services. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, U.S.

Cybersecurity

Cybersecurity Financial Services Insurance Ransomware

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Security Affairs

OCTOBER 6, 2021

The majority of intercepted credentials by Agent Tesla related to financial services, online-retailers, e-government systems and personal and business e-mail accounts. . Researchers found active instances of Agent Tesla and developed a mechanism to enumerate the affected clients and extract compromised data.

Financial Services

Financial Services Retail Education Information Security

LoanDepot data breach impacted roughly 16.6 individuals

Security Affairs

JANUARY 23, 2024

Financial services company LoanDepot disclosed a data breach that impacted roughly 16.6 LoanDepot is a financial services company that primarily operates as a mortgage lender. The company provides a range of mortgage and non-mortgage loan products and services. million individuals. million individuals.

Data breaches

Data breaches Financial Services Cybersecurity Ransomware

Pacific City Bank hit by AVOS Locker Ransomware

Security Affairs

SEPTEMBER 5, 2021

The cybercriminals defined the security implemented by the bank terrible. “Pacific City Bank provides outstanding banking and financial services for businesses and consumers. but they have horrible security)” reads the message published on the leak site.

Ransomware

Ransomware Financial Services Archiving Security

Akamai prevented the largest DDoS attack on a US financial company

Security Affairs

SEPTEMBER 10, 2023

. “Historically, approximately 10% to 15% of the DDoS attacks observed by Akamai have been aimed at customers in the financial services industry.” In fact, over the past four quarters, more than 30% of the DDoS attacks have been aimed at financial services companies.” ” concludes Akamai.

Financial Services

Financial Services Ransomware Cybersecurity IT

The G7 expresses its concern over ransomware attacks

Security Affairs

OCTOBER 14, 2020

Not only can the financial costs be high, but the disruption to critical sectors, including financial services and healthcare, as well as the exposure of confidential information, can cause severe damage.” “The G7 is committed to working with our financial sectors to combat ransomware.

Ransomware

Ransomware IT Financial Services Data Privacy

Industrial and Commercial Bank of China (ICBC) suffered a ransomware attack

Security Affairs

NOVEMBER 10, 2023

Treasury market and impacted some fixed income and equities transactions “The Securities Industry and Financial Markets Association first told members on Wednesday that ICBC Financial Services had been hit by ransomware software, which paralyses computer systems unless a payment is made, several people familiar with the discussions said.”

Ransomware

Ransomware Financial Services Marketing Authentication

Microsoft seized 240 sites used by the ONNX phishing service

Security Affairs

NOVEMBER 23, 2024

Microsoft states that phishing heavily targets financial services, risking losses like life savings. Multiple threat actors purchased the kits developed by Nady and used them in widespread phishing campaigns to steal credentials of Microsoft customer accounts.

Phishing

Phishing Financial Services Risk Access

Morgan Stanley discloses data breach after the hack of a third-party vendor

Security Affairs

JULY 8, 2021

The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. The company has offices in more than 42 countries and more than 60,000 employees, it has clients in multiple industries. . ” reads the letter.

Data breaches

Data breaches Encryption Financial Services Access

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Data Protection Report

NOVEMBER 8, 2023

On November 1, 2023, the New York Department of Financial Services (“NYDFS”) released the finalized amendments of Part 500 of its cybersecurity regulations. These revisions represent the most significant modifications since the enactment of the rules in March 2017.

Financial Services

Financial Services Cybersecurity Compliance Government

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

Security Affairs

DECEMBER 4, 2023

The experts called it ‘prepositioning’ to analyze the response from financial organizations globally and the reaction of the market. LockBit specifically targeted ICBC Financial Services (ICBC FS), a wholly owned U.S. subsidiary of the state-owned lender, which plays a critical role in the world of international finance.

Ransomware

Ransomware Financial Services Marketing Government

A massive DDoS attack took down the site of the German financial agency BaFin

Security Affairs

SEPTEMBER 4, 2023

The BaFin is responsible for overseeing banks, insurance companies, investment firms, and other financial institutions. BaFin also regulates the securities markets and the financial services industry.

Financial Services

Financial Services Military Insurance Marketing

Law enforcement operation seized Ragnar Locker group’s infrastructure

Security Affairs

OCTOBER 19, 2023

“As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors,” reads the FBI’s flash alert.

Ransomware

Ransomware Financial Services Manufacturing Government

The New Version of JsOutProx is Attacking Financial Institutions in APAC and MENA via Gitlab Abuse

Security Affairs

APRIL 3, 2024

Resecurity researchers warn that a new Version of JsOutProx is targeting financial institutions in APAC and MENA via Gitlab abuse. Resecurity has detected a new version of JSOutProx , which is targeting financial services and organizations in the APAC and MENA regions.

Financial Services

Financial Services Phishing IT Information Security

A cyber attack hit Nissan Oceania

Security Affairs

DECEMBER 7, 2023

“The Australian and New Zealand Nissan Corporation and Financial Services (“Nissan”) advises that its systems have been subject to a cyber incident. Nissan is working with its global incident response team and relevant stakeholders to investigate the extent of the incident and whether any personal information has been accessed.”

Financial Services

Financial Services Data breaches Ransomware Access

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

The SEC said that under First American’s remediation policies, if the person responsible for fixing the problem is unable to do so based on the timeframes listed above, that employee must have their management contact the company’s information security department to discuss their remediation plan and proposed time estimate.

Insurance

Insurance Risk Financial Services Mining

DarkCasino joins the list of APT groups exploiting WinRAR zero-day

Security Affairs

NOVEMBER 20, 2023

During its initial phase, DarkCasino primarily conducted operations in Mediterranean countries and various other Asian nations, utilizing online financial services Recently the group changed phishing methods and aimed at users of cryptocurrencies worldwide, even including non-English-speaking Asian countries such as South Korea and Vietnam.

Phishing

Phishing Archiving Financial Services Cybersecurity

BlackCocaine Ransomware, a new malware in the threat landscape

Security Affairs

JUNE 5, 2021

Recently Cyber researchers for Cyble investigated an attack suffered by on May 30, 2021, by Nucleus Software, an India-based IT company in the Banking and Financial Services sector. The company reported the security breach to the Bombay Stock Exchange (BSE) and the National Stock Exchange of India (NSEI).

Ransomware

Ransomware Encryption File names Financial Services

BianLian, White Rabbit, and Mario Ransomware Gangs Spotted in a Joint Campaign

Security Affairs

DECEMBER 15, 2023

Resecurity’s HUNTER (HUMINT) unit spotted the BianLian , White Rabbit , and Mario ransomware gangs collaborating in a joint extortion campaign targeting publicly-traded financial services firms.

Ransomware

Ransomware Financial Services Cybersecurity Passwords

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. Consider installing and using a VPN.

Ransomware

Ransomware Passwords Encryption Financial Services

Papua New Guinea ‘s finance ministry was hit by a ransomware

Security Affairs

OCTOBER 29, 2021

“The government and the people of Papua New Guinea can be assured that the government financial services will continue as usual,” Pundari said. “The Department is conscious of the security and integrity of its data. The government was not able to pay cheques and ordinary operations were impacted.

Ransomware

Ransomware Financial Services Government Data breaches

Terrorist Activity is Accelerating in Cyberspace – Risk Precursor to Summer Olympics and Elections

Security Affairs

JULY 25, 2024

According to experts, one of the key issues is tracking high-risk individuals who may misuse financial services, such as banks, e-commerce platforms, and payment networks, to engage in illegal activities, including money laundering and terrorism financing.

Risk

Risk e-Delivery Communications Financial Services

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Security Affairs

DECEMBER 22, 2023

The Australian and New Zealand Nissan Corporation and Financial Services (“Nissan”) advises that its systems have been subject to a cyber incident. Nissan is working with its global incident response team and relevant stakeholders to investigate the extent of the incident and whether any personal information has been accessed.”

Ransomware

Ransomware Data breaches Financial Services Archiving

Microsoft: Russia-linked SolarWinds hackers breached three new entities

Security Affairs

JUNE 26, 2021

The hackers also targeted non-governmental organizations and think tanks, as well as financial services. Most of the targeted organizations are IT companies (57%), followed by government organizations (20%). In all, 36 countries were targeted.” ” reads the post published by Microsoft.

Financial Services

Financial Services Access Passwords Authentication

Why CISA is Warning CISOs About a Breach at Sisense

Krebs on Security

APRIL 11, 2024

New York City based Sisense has more than 1,000 customers across a range of industry verticals, including financial services, telecommunications, healthcare and higher education. ” “We are taking this matter seriously and promptly commenced an investigation,” Dash continued.

Encryption

Encryption Passwords Access Financial Services

Oracle Critical Patch Update for January 2022 will fix 483 new flaws

Security Affairs

JANUARY 17, 2022

.” The CPU will address critical vulnerabilities in Oracle Essbase, Graph Server and Client, Secure Backup, Communications Applications, Communications, Construction and Engineering, Enterprise Manager, Financial Services Applications, Fusion Middleware, Insurance Applications, PeopleSoft, Support Tools, and Utilities Applications.

Communications

Communications Financial Services Big data Retail

SharkBot, a new Android Trojan targets banks in Europe

Security Affairs

NOVEMBER 15, 2021

. “With the discover of SharkBot we have shown new evidence about how mobile malwares are quickly finding new ways to perform fraud, trying to bypass behavioural detection countermeasures put in place by multiple banks and financial services during the last years.” ” concludes the report.

Financial Services

Financial Services Access Security IT

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

Since January 2020, affiliates utilizing LockBit have targeted organizations of diverse sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs

Security Affairs

AUGUST 23, 2021

Razer is a very popular computer peripherals manufacturer that designs, develops, and sells consumer electronics, financial services, and gaming hardware, including gaming mouses and keyboards.

Computer and Electronics

Computer and Electronics Manufacturing Financial Services Access

Ransomware infected systems at Xchanging, a DXC subsidiary

Security Affairs

JULY 6, 2020

Xchanging employs over 7,000 people worldwide and offers IT outsourcing, infrastructure including network managed services, software products and application management. Securities and Exchange Commission (SEC). The company disclosed the security breach on July 5, but it is not clear when it has discovered the attack.

Ransomware

Ransomware Insurance Financial Services Manufacturing

Summary – “Industry in One: Financial Services”

ARMA International

NOVEMBER 7, 2019

The scope of a records and information management (RIM) program in financial services can seem overwhelming. Compared to other industries, the complexities of managing records and information in financial services are arguably some of the toughest to solve, primarily because of the intense regulatory scrutiny.

Financial Services

Financial Services Communications Compliance Risk

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

The credentials are sold for an average of $15.43, the most expensive pairs relate to banking and financial services accounts, with an average price of nearly $71. According to the company, most of the username and password combinations are available for free, and 5 billion of the above credentials are “unique.”

Marketing

Marketing Passwords Financial Services Access

Fake Microsoft Teams notifications aim at stealing Office365 logins

Security Affairs

MAY 2, 2020

.” A few days ago, researchers from Group-IB reported a campaign dubbed “ PerSwaysion ,” in which attackers exploit Microsoft’s Sway file-sharing to gain access to many confidential corporate MS Office365 emails of mainly financial service companies, law firms, and real estate groups. Recently the U.S.

Phishing

Phishing Financial Services Cybersecurity Access

Threat actors stole $19 million worth of crypto assets from Cream Finance

Security Affairs

AUGUST 31, 2021

Finance is a decentralized lending protocol for individuals, institutions and protocols to access financial services. The security breach was confirmed by the company with a message via Twitter: C.R.E.A.M. It promises earnings to users who are passively holding ETH or wBTC.

Blockchain

Blockchain Financial Services Marketing Security

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

JUNE 15, 2023

Help us #StopRansomware by visiting [link] pic.twitter.com/G5jpxtB0Fw — Cybersecurity and Infrastructure Security Agency (@CISAgov) June 14, 2023 The LockBit ransomware operation was the most active in 2022 and according to the researchers it is one of the most prolific RaaS in 2023.

Ransomware

Ransomware Cybersecurity Agriculture Education

Resecurity Released a 2024 Cyber Threat Landscape Forecast

Security Affairs

DECEMBER 26, 2023

It also involves actively identifying and securing potential vulnerabilities in IT/OT supply chains, and identity protection implementation for citizens and e-government. 5️ Digital Identity in the Crosshairs of Cyber Attacks Expect a proliferation of attacks against digital identity, leading to unprecedented large-scale data breaches.

Energy and Utilities

Energy and Utilities Artificial Intelligence Ransomware Data breaches

Toyota Financial Services discloses a data breach

Medusa ransomware gang claims the hack of Toyota Financial Services

Webinars

Trending Sources

Threat actor says Interbank refused to pay the ransom after a two-week negotiation

Webinars

Fidelity Investments suffered a second data breach this year

ICICI Bank exposed credit card data of 17000 customers

Reducing Risk by Breaking Down Supply Chain Siloes

American Insurance firm State Farm victim of credential stuffing attacks

Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum

U.S. banking regulators order banks to notify cybersecurity incidents in 36 hours

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

LoanDepot data breach impacted roughly 16.6 individuals

Pacific City Bank hit by AVOS Locker Ransomware

Akamai prevented the largest DDoS attack on a US financial company

The G7 expresses its concern over ransomware attacks

Industrial and Commercial Bank of China (ICBC) suffered a ransomware attack

Microsoft seized 240 sites used by the ONNX phishing service

Morgan Stanley discloses data breach after the hack of a third-party vendor

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

A massive DDoS attack took down the site of the German financial agency BaFin

Law enforcement operation seized Ragnar Locker group’s infrastructure

The New Version of JsOutProx is Attacking Financial Institutions in APAC and MENA via Gitlab Abuse

A cyber attack hit Nissan Oceania

First American Financial Pays Farcical $500K Fine

DarkCasino joins the list of APT groups exploiting WinRAR zero-day

BlackCocaine Ransomware, a new malware in the threat landscape

BianLian, White Rabbit, and Mario Ransomware Gangs Spotted in a Joint Campaign

Avoslocker ransomware gang targets US critical infrastructure

Papua New Guinea ‘s finance ministry was hit by a ransomware

Terrorist Activity is Accelerating in Cyberspace – Risk Precursor to Summer Olympics and Elections

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Microsoft: Russia-linked SolarWinds hackers breached three new entities

Why CISA is Warning CISOs About a Breach at Sisense

Oracle Critical Patch Update for January 2022 will fix 483 new flaws

SharkBot, a new Android Trojan targets banks in Europe

Operation Cronos: law enforcement disrupted the LockBit operation

LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs

Ransomware infected systems at Xchanging, a DXC subsidiary

Summary – “Industry in One: Financial Services”

15 billion credentials available in the cybercrime marketplaces

Fake Microsoft Teams notifications aim at stealing Office365 logins

Threat actors stole $19 million worth of crypto assets from Cream Finance

Cybersecurity agencies published a joint LockBit ransomware advisory

Resecurity Released a 2024 Cyber Threat Landscape Forecast

Stay Connected