Risk Management – Baldwin Consulting Services, LLC

Open Banking: CFPB’s 1033 Rule and the Cost of Compliance

Matt — Wed, 23 Oct 2024 11:33:21 +0000

For banks, there’s a staggered timeline for compliance. The 594-page notice of final rulemaking said compliance begins April 1 of the years 2026, 2027, 2028, 2029 or 2030 for data providers, which includes depository institutions (including credit unions). The providers also include non-depository institutions that hold or issue credit cards and other types of accounts

Article Link

Company Behind Major Social Security Number Leak Files for Bankruptcy | PCMag

Matt — Thu, 10 Oct 2024 01:32:53 +0000

The bankruptcy filings reveal that the company estimates it’ll need to notify and pay for credit monitoring “for hundreds of millions of potentially impacted individuals.” That’s because the breach led a hacker to steal a trove of data containing 272 million unique Social Security numbers from US residents, along with 600 million phone numbers.

Article Link

AT&T fined $13M for data breach after giving customer bill info to vendor | Ars Technica

Matt — Thu, 19 Sep 2024 01:01:37 +0000

“AT&T used the vendor to generate and host personalized video content, including billing and marketing videos, for AT&T customers,” an FCC press release said. “Under AT&T’s contracts, the vendor should have destroyed or returned AT&T customer information when no longer necessary to fulfill contractual obligations, which ended years before the breach occurred. AT&T failed to ensure the vendor: (1) adequately protected the customer information, and (2) returned or destroyed it as required by contract.”

Article Link

TD Bank ordered to pay $28 mln by US CFPB for misreporting consumer credit data | Reuters

Matt — Thu, 12 Sep 2024 11:18:46 +0000

It also said TD also took “far too long,” sometimes more than one year, to correct mistakes, and ignored some disputes because it diverted resources elsewhere and was distracted by its failed attempt to buy Tennessee bank First Horizon (FHN.N), opens new tab.

Article Link

CFPB Takes Action to Ensure Consumers Can Dispute Charges and Obtain Refunds on Buy Now, Pay Later Loans | Consumer Financial Protection Bureau

Matt — Wed, 22 May 2024 15:22:47 +0000

The Consumer Financial Protection Bureau (CFPB) today issued an interpretive rule that confirms that Buy Now, Pay Later lenders are credit card providers. Accordingly, Buy Now, Pay Later lenders must provide consumers some key legal protections and rights that apply to conventional credit cards. These include a right to dispute charges and demand a refund from the lender after returning a product purchased with a Buy Now, Pay Later loan. The CFPB launched its inquiry into the rapidly expanding Buy Now, Pay Later market more than two years ago and continues to see consumer complaints related to refunds and disputed transactions. Today’s action will help bring consistency to this market.

Article Link

Measles outbreak prompts health warning | NBC4 WCMH-TV

Matt — Wed, 27 Mar 2024 13:34:00 +0000

The number of U.S. measles cases in the first three months of 2024 has already equaled all of the cases for 2023

Article Link

CISA hit by hackers, key systems taken offline

Matt — Wed, 20 Mar 2024 02:00:55 +0000

The Cybersecurity and Infrastructure Security Agency (CISA) — responsible for cybersecurity and infrastructure protection across all levels of the United States government — has been hacked.

Article Link

Insurance giant Fidelity hit by data breach — thousands of customers may have had data stolen | TechRadar

Matt — Thu, 07 Mar 2024 13:05:35 +0000

The insurance giant has filed a data breach notification with the Maine attorney general’s office in which it stated that 28,268 of its customers had their private data leaked after a data breach at Infosys McCamish Systems LLC – a US subsidiary of Indian tech services giant Infosys.

Article Link

BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare – Krebs on Security

Matt — Thu, 07 Mar 2024 12:16:35 +0000

There are indications that U.S. healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. “ALPHV“) as the company struggles to bring services back online amid a cyberattack that has disrupted prescription drug services nationwide for weeks.

Article Link

Microsoft Azure Hit With The Largest Data Breach In Its History

Matt — Wed, 21 Feb 2024 03:53:48 +0000

Security breaches are becoming far too common in Microsoft and many other tech companies. Hence, it’s expected that the US government will soon make it mandatory for companies to be more transparent about their security issues and disclose every hack or data breach within 4 days.

Article Link