Citibank Sued Over Failure to Defend Customers Against Hacks and Fraud

Citibank faces a lawsuit for allegedly failing to protect its customers from hacks and fraud. The suit claims the bank didn't implement adequate security measures, resulting in unauthorized access and financial losses for customers. This legal action highlights the increasing scrutiny on financial institutions to ensure robust cybersecurity defenses. 
Learn more

Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters

A severe misconfiguration in Kubernetes, a popular service used by major tech companies like Google, could allow malicious actors unauthorized access to cloud-based applications. A threat actor with access to a Google account could abuse the misconfiguration by using their own Google OAuth 2.0 token to seize control of the cluster for further exploitation. Google is actively addressing the issues and has encouraged its users to deploy recommended detection rules.
Learn more

Global Fintech Firm EquiLend Offline After Recent Cyberattack

EquiLend, a global financial technology firm based in New York, experienced significant operational disruptions due to a cyberattack that occurred on January 22, 2024. The attack led to unauthorized network access and forced the company to take parts of its systems offline. EquiLend is actively working to restore the affected services with the assistance of external cybersecurity experts. The incident comes shortly after EquiLend announced its acquisition by the U.S. private equity firm Welsh, Carson, Anderson & Stowe, a deal expected to close in Q2 2024.
Learn more

Massive Data Breach at LoanDepot Affects Over 16 Million Individuals

LoanDepot, a large mortgage lender, experienced a ransomware attack that compromised the personal information of approximately 16.6 million people. The breach was initially disclosed earlier in the month and was further detailed in a recent filing with the Securities and Exchange Commission.
Learn more

Federal Reserve Warns of Historical Gaps in Banks’ Management of Cyber Risk

Federal Reserve's Vice Chair for Supervision, Michael Barr, addressed historical shortcomings in banks' management of third-party cyber risk during a conference. He expressed concerns about the rising reliance on third-party service providers by banks, leading to increased cyber threats. Barr emphasized the need for banks to not only identify vulnerabilities but also prioritize resilience by developing and testing business continuity plans. He anticipates improvements in quantifying cyber risk through mandatory incident reporting, expecting this to aid threat detection and understanding the broader financial system's interconnectedness.
Learn more