Despite consumer privacy concerns, lenders move ahead with CCR participation

(Jul 19, 2018) Despite a push from the federal Labor Opposition to delay a government plan that would mandate participation with the country’s voluntary comprehensive credit reporting, many of Australia’s major banks are preparing to engage, The Sydney Morning Herald reports. Equifax, Australia’s biggest credit bureau, now expects the majority of its Australian accounts to be incorporated into the credit reporting system over the next six months. Consumer protection groups worry CCR will adversely affect vulne... Read More

Researcher compiles public-facing transactions from payment app

(Jul 18, 2018) Berlin-based privacy researcher Hang Do Thi Duc has released new research on the more than 18 million Venmo users who have not changed the platform's default settings to make payments private, CNNMoney reports. Venmo, an app that allows individuals to transfer money, facilitated nearly 208 million public transactions last year. "There are some people who are intentionally public, but there are a lot of people who are not aware of this public by default setting," she said. "Whether you're sharing... Read More

Telenor Sweden suffers breach affecting 120K customers

(Jul 12, 2018) Telecompaper reports Telenor Sweden suffered a data breach affecting 120,000 customers. Telenor reported to the Swedish data protection authority a faulty setting resulted in the Identiway authentication service it was using passing on more customer information than it was designed to send, such as customers’ names, addresses and information on their spouse. All leaked information was deleted after the vulnerability was discovered with the service currently shut down as all affected individuals ... Read More

International regulators request clarification on public interest exemption

(Jun 26, 2018) Amid concern that the EU General Data Protection Regulation will impede cross-border coordination and jeopardize investigations into market manipulation and fraud, financial authorities from North America, the U.K. and Asia are seeking an “administrative arrangement” that would clarify how the public interest exemption under the GDPR can be applied to their cross-border data-sharing practices, Reuters reports. Two of the regulatory officials involved in the request said the EU is reluctant to gr... Read More

Dixons Carphone breached, affects 5.9M payment cards

(Jun 13, 2018) European retailer Dixons Carphone suffered a data breach affecting 5.9 million payment cards, TechCrunch reports. While the majority of the cards were protected, about 105,000 cards were not safeguarded by chip-and-PIN technology. Hackers also accessed 1.2 million records containing customers’ names, addresses and email addresses. “We have no evidence that this information has left our systems or has resulted in any fraud at this stage. We are contacting those whose non-financial personal data w... Read More

Digital wallet allegedly shared user data with government upon request

(May 31, 2018) Paytm, the digital wallet used by more than 230 million people in India to make cashless transactions, has allegedly been sharing personal user data with the government, BuzzFeed News reports. A video that surfaced from Indian investigative news agency Cobrapost showed the company’s vice president, Ajay Shekhar Sharma, admitting that they hand over users’ personal data upon request from the prime minister following incidents of stone pelting against India’s armed forces. While the company denied... Read More

Canadian banks suffer data breaches affecting 90K

(May 29, 2018) A pair of Canadian banks suffered data breaches affecting nearly 90,000 customers, Reuters reports. Hackers contacted the Bank of Montreal and the Canadian Imperial Bank of Commerce, informing the institutions they stole customers’ personal and financial information. A BMO spokesman said the malicious actors threatened to make the data public and that the bank is working with law enforcement to conduct an investigation. The BMO believes the attack came from a source outside of the country, addin... Read More

GDPR offers big 'shake-up' for data protection

(May 24, 2018) Reuters reports that the EU General Data Protection Regulation will serve as the “biggest shake-up of data privacy laws since the birth of the web and is the largest change in data protection law in Europe for more than 20 years.” With European consumers afforded greater control over how their personal information is collected, used and stored, the GDPR will likely lead to a reduction of scams. Often targeting individuals whose private information was accessed, scammers have relied on unsuspecti... Read More

JPMorgan Chase sues Landry's for $20M in data breach case

(May 23, 2018) The Houston Chronicle reports JPMorgan Chase Bank has filed a breach-of-contract lawsuit against hospitality company Landry’s for $20 million. Several of Landry’s venues suffered a data breach between 2014 and 2015 compromising customers’ credit card information. Landry’s refused to pay the assessment fees issued by Visa and Mastercard following the cyberattack. JPMorgan is suing Landry’s for violating a credit card–processing agreement both entities entered in 2008, where Landry’s was required ... Read More

Financial institutions look to military to guard against cyberattacks

(May 21, 2018) The New York Times reports on the military-inspired methods financial institutions are taking in order to protect themselves from cyberattacks. Banks are hiring former counterintelligence officials and military personnel to run their cybersecurity teams. By bringing in individuals with different backgrounds, cybersecurity practices focus on tactics used for national defense, such as combat exercises and the use of intelligence hubs to monitor suspicious activity. One such fusion center was launc... Read More