Singapore Banks Ditch One-Time Passwords

July 15, 2024 at 09:04PM Singapore is implementing an initiative to phase out one-time passwords (OTPs) for retail banking customers in three months. The new authentication process will use digital tokens instead of passwords, aiming to enhance protection against phishing attacks. The measure, supported by MAS and ABS, aims to prevent scams and safeguard customer … Read more

Patelco Credit Union Scrambling to Restore Systems Following Ransomware Attack

July 3, 2024 at 08:41AM Patelco Credit Union, serving 500,000 customers, faced a ransomware attack, impacting its online banking, mobile app, and call center. Electronic transactions are unavailable and restoration efforts are ongoing. Patelco emphasized secure system restoration, cooperation with cybersecurity experts, regulators, and law enforcement. Customer reimbursement for late payment fees is assured. Based … Read more

Santander Falls Victim to Data Breach Involving Third-Party Provider

May 16, 2024 at 05:16PM Santander, a Spanish bank, experienced a data breach from a third-party provider, impacting customers in Chile, Spain, and Uruguay. The bank quickly blocked access to the compromised database and implemented fraud prevention measures. External breaches are becoming a common issue for financial institutions, highlighting the need for proactive risk assessment … Read more

Banco Santander warns of a data breach exposing customer info

May 15, 2024 at 10:16AM Banco Santander S.A. confirmed a recent data breach impacting customers and employees in Spain, Chile, and Uruguay. The unauthorized access to a third-party hosted database led to the compromise of information for current and some former employees as well as customers. The bank has implemented fraud prevention measures and assured … Read more

Dell customer order database of ’49M records’ stolen, now up for sale on dark web

May 9, 2024 at 02:07PM Dell confirmed a data breach on one of its portals, with information stolen from 49 million records now for sale on the dark web. The stolen data includes customer names, addresses, and Dell equipment details, but not payment info. Dell is undertaking an investigation and taking steps to protect customer … Read more

FCC fines carriers $200 million for illegally sharing user location

April 29, 2024 at 03:41PM The FCC has fined major U.S. wireless carriers around $200 million for sharing customers’ real-time location data without consent. AT&T, Sprint, T-Mobile, and Verizon faced fines for unauthorized disclosure of location information. Carriers sold data to third parties without obtaining valid customer consent, failing to safeguard it as required by … Read more

Roku Mandates 2FA for Customers After Credential-Stuffing Compromise

April 15, 2024 at 04:19PM Roku is enforcing mandatory two-factor authentication for all users following two incidents where customer accounts were compromised. Approximately 591,000 customers were affected, with 400 having their accounts used for unauthorized purchases. The breach did not expose sensitive financial or personal information, and Roku has reset passwords for the affected accounts. … Read more

Roku warns 576,000 accounts hacked in new credential stuffing attacks

April 12, 2024 at 11:06AM Roku disclosed two separate incidents of account breaches in March, with approximately 576,000 accounts compromised in the latest attack. Threat actors utilized stolen login information from other platforms to execute credential stuffing attacks. While some accounts were used for unauthorized purchases, Roku confirmed no sensitive information was accessed. Additionally, the … Read more

AT&T now says data breach impacted 51 million customers

April 10, 2024 at 10:44AM AT&T notifies 51 million current and former customers of a data breach, exposing personal information in a hacking forum. Despite delay, AT&T confirmed the data’s origin and issued identity theft protection. Customers urged to monitor accounts. AT&T faces lawsuits for delay and risks of cyber attacks. The breach raises concerns … Read more

Cyberattack Causes Disruptions at Omni Hotels

April 4, 2024 at 10:30AM Omni Hotels & Resorts announced a cyberattack prompted system shutdowns on March 29. With operations in 50 upscale North American hotels and around 14,000 employees, the chain has restored most systems and is investigating the event’s scope with external specialists. Though suspected as ransomware, no group has claimed responsibility. Customers … Read more