Financial Services Cybersecurity Weekly Briefing 06-01-2018

Weekly FS Cybersecurity Blast

Weekly FS Cybersecurity Blast

Bank of Montreal Says Customers’ Financial Data Lost in Cyber Attack
Bank of Montreal and Canadian Imperial Bank of Commerce said on Monday that cyber attackers may have stolen the data of nearly 90,000 customers in what appeared to be the first significant assault on financial institutions in the country. Bank of Montreal, Canada’s fourth biggest lender, said on Monday it was contacted by fraudsters on Sunday who claimed they were in possession of the personal and financial information of a limited number of the bank’s customers. The fraudsters had threatened to make the data public, the spokesman said, adding that the bank was working with the authorities and conducting a thorough investigation.

Softbank’s ‘Pepper’ Robot is a Security Joke
Softbank’s popular anthropomorphic robot, Pepper, has myriad security holes according to research published by Scandinavian researchers earlier this month. The ‘bot allows unauthenticated root-level access, runs a Meltdown/Spectre-vulnerable processor, can be administered over unencrypted HTTP and has a default root password.

Senate Banking Committee: Want Fewer Cybersecurity Threats? Ramp Up Regulations
According to Forbes, Senate Banking Committee Chair Mike Crapo and his democratic counterpart Sherrod Brown both agree the financial sector needs better legislation when it comes to protecting consumers’ personal data. Brown describes a bill with provisions that hold companies accountable for data loss but doesn’t know exactly what form that would take — although he does say record bank profits could be used for more cybersecurity investment.

Mexico Foiled a $110 Million Bank Heist, Then Kept It a Secret
Worldwide, a string of attacks targeting banks’ connections to the Swift network has prompted financial institutions to enact new security measures[.] But in Mexico, details surrounding the Bancomext assault have been kept secret by government authorities and the bank, meaning the nation’s sprawling financial system never got the wake-up call that could have helped guard against a new series of intrusions that authorities are still trying to contain.

 

Stay up to date on the Financial Services Information Security news that you need to know by signing up for our Financial Cybersecurity Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.