The high cost of mishandling data breaches, security reporting for financial services

Karen Hoffman reminds readers of the costs of poor security, reporting, in part:

Last month, the U.S. Securities and Exchange Commission (SEC) fined Chase $125 million due to employees’ insecure practices, namely using WhatsApp and personal email accounts to transact official business, thus not adhering to SEC record-keeping requirements. Additionally, under a separate enforcement action, the Commodity Futures Trading Commission also fined the bank $75 million for the same behavior going back six years.

In August 2020, Capital One Financial Corp was levied an $80 million penalty by the Office of the Comptroller of the Currency for failing to spot and manage cyber risk, resulting in a huge data breach the previous year. More recently, in late December 2021, Capital One announced it would pay $190 million to settle a class-action lawsuit in response to a massive hack on the bank’s cloud network on Amazon Web Services that led to the theft of personal data from 100 million customers in 2019.

Read more at SC Media.

About the author: Dissent

Comments are closed.