In 2016 the number of reported data breaches in the U.S. increased by 40% over 2015 levels. Worryingly, more than half of data breaches resulted in the exposure of Social Security numbers, increasing the risk of identity theft. 72 percent of breached records were exposed due to hacking, skimming or spear-phishing attacks. This continues a drastic increase in those type of attacks since 2009 when they first became the leading cause of breaches....

FICO Card Alert Service just released data that indicated ATM skimming increased 546 percent from 2014 to 2015. That increase represents the largest year-over-year increase that the service has seen in its more than 20 years of existence. The FICO research is based on the analysis of thousands of U.S. ATMs, and it shows that off-premises retail ATMs were most often targeted. These off-premise machines were attacked 10 times as often in 2015 compared to 2014.

Verizon Enterprise Solutions, which regularly assists clients in responding to data breaches, has suffered a breach affecting a reported 1.5 million business customers. These customers are now more vulnerable to phishing attacks due to the breach. Verizon has stated that the attack exposed basic contact information due to a vulnerability in their enterprise client portal. The vulnerability has been addressed and Verizon maintains that no...

In 2015, the banking, credit and financial industries have reported more than 40 data breaches that exposed more than 400,000 records. The breached entities range in size from a 200-location independent mortgage company to global banks with high name recognition.

Data breaches don’t just happen to large banks. Community banks also fall prey to cyber-attacks and breaches. When a data breach occurs, it’s increasingly becoming a question of “when,” not “if,” are you prepared?

The Federal Financial Institutions Examination Council’s updated guidance for bank examiners emphasizes that executives and boards of directors must approve IT plans that contain strategies for addressing emerging and ongoing cyber threats.

On Nov. 3, 2015, the Federal Financial Institutions Examination Council has issued an alert calling on financial institutions to take specific risk mitigation steps due to an increase in the frequency and severity of cyber-attacks involving extortion.

The FFIEC statement was prompted by recent reports of distributed denial-of-service attacks tied to extortion, such as those by the group known as DD4BC. Ransomware attacks have also been on the rise. The FFIEC is urging banks to take specific steps to mitigate these risks.

The FBI has recently issued a renewed warning about what it calls the Business Email Compromise, a scam being used against companies that use wire transfers for payments.

Just like many breaches, this scam usually starts with socially engineered phishing.

A $46.7 million business email compromise scheme that targeted Ubiquiti Networks, Inc. shows just how little cybercriminals have to do to fool employees into unknowingly committing wire fraud.

Ubiquiti, a wireless networking technology provider, announced that it had been targeted by an email impersonation scheme that convinced employees in its finance department to fraudulently schedule wire transfers to overseas accounts.

New business continuity guidelines from the Federal Financial Institutions Examination Council give more details on the cybersecurity initiatives banks and credit unions will be asked to address during upcoming examinations.

These new guidelines are likely the result of the FFIEC’s cybersecurity assessment program that was piloted at 500 community institutions last summer.

On June 30 the Federal Financial Institutions Examination Council released its Cybersecurity Assessment Tool. The tool is designed to help banks of all sizes assess identity risks and weaknesses in their cybersecurity preparedness programs.