Now that RBI Governor Urjit Patel has stepped down, the security community is waiting to see how the central bank's cybersecurity strategy might change under new leadership.
The Reserve Bank of India, the country's central bank, has imposed a fine of 10 million rupees ($139,000) on Indian Bank for failing to adhere to RBI's cybersecurity guidelines.
Breach victims who sign up for free fraud-monitoring services from breached businesses that lost control of their data often sign away their right to join class-action lawsuits or pursue other legal actions, and Marriott proved to be no exception, following its mega-breach. But it now appears to be backing off.
Is there anything better than being offered one year of "free" identity theft monitoring? Regularly offered with strings attached by organizations that mishandled your personal details, the efficacy and use of such services looks set for a U.S. Government Accountability Office review.
Google says a buggy API update it pushed last month for its soon-to-be-mothballed Google+ social network exposed personal information for 52.2 million users. The data-exposure alert arrives just two months after Google admitted that a March problem with the same API exposed data for 500,000 users.
The massive data breach suffered by Equifax in 2017 "was entirely preventable," according to a report released by the House Oversight Committee's Republican majority. Some Democratic lawmakers have slammed the report for failing to advance legislative or oversight changes to help prevent breaches.
Hackers have been plugging inexpensive hardware into banks' local area networks to help perpetrate heists that have stolen tens of millions of dollars, warns Kaspersky Lab. It says that since 2017, the "DarkVishnya" attack campaign has hit at least eight Eastern European banks.
Victims of the massive Marriott International data breach, which exposed data for 500 million customers, including some passport numbers, may be able to claim reimbursement for the cost of obtaining a replacement passport, provided they can prove it led to fraud.
The U.K.'s privacy watchdog says that six months after enforcement of the EU's General Data Protection Regulation began, it's seen a dramatic increase in data breach reports - as well as privacy complaints from the public.
The Financial Services Sector Coordinating Council recently unveiled the Cybersecurity Profile - a framework that integrates widely used standards and supervisory expectations to help financial institutions develop cyber risk management programs. Josh Magri of the Bank Policy Institute outlines key elements.
Credential abuse attacks and identity theft incidents are rising, with attackers leveraging botnets to launch coordinated campaigns with high success rates, says Aseem Ahmed of Akamai Technologies, who shares best practices for mitigating the threats.
A new study shows mobile apps in India seek access to more data than apps in other nations, says Shivangi Nadkarni, CEO at Arrka Consulting. Nadkarni says the data protection bill being considered in India eventually could help curb access to information via apps.
Banks' boards of directors need to understand the implications of cybersecurity in terms of the overall risk structure, says Bhaskar Pramanik, a board member at State Bank of India and former chairman of Microsoft India.
Vaishali Bhagwat, cyber lawyer and advocate, contends that the "harms-based" approach in India's data protection bill is more appropriate than the "rights-based" approach taken by the European Union's General Data Protection Regulation
A batch of documents meant to be kept under court seal lays bare Facebook's strategic brokering of access to user data to reward partners and punish potential rivals. The material also demonstrates Facebook's views at the time on privacy and the risks of leaking data.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.