Consumer lender TMX discloses data breach impacting 4.8 million people
TMX Finance and its subsidiaries TitleMax, TitleBucks, and InstaLoan have collectively disclosed a data breach that exposed the personal data of 4,822,580 customers. [...]
Stay secure in the finance sector. Explore the latest in financial cyber security news, trends, and best practices to protect valuable assets and data.
Search across headline titles and summaries.
Background for this topic.
Finance covers the institutions, markets, and services that move, store, lend, invest, and insure money. Its distinctive assets include customer identities, account balances, payment instructions, trading positions, claims, and confidential business data. Operations depend on core banking and ledger systems, payment networks, market-data feeds, identity services, and external processors or cloud providers. Integrity and availability are especially important: an unauthorized change to beneficiary or settlement data can cause direct loss, while an outage can interrupt payments or trading and complicate time-sensitive reconciliation.
Security work therefore focuses on online banking and trading interfaces, APIs, privileged access, credentials, and third-party connections. Useful controls include phishing-resistant multi-factor authentication, least privilege, transaction signing or approval separation, encryption, tamper-evident logging, and anomaly monitoring. Privacy protections apply to personal and financial information; PCI DSS is relevant where payment-card data is handled, alongside jurisdiction-specific financial rules. Vulnerability management should prioritize internet-facing and legacy systems, while incident response needs capabilities to contain fraudulent transactions, preserve evidence, reconcile ledgers, and restore trusted service through tested backups or failover.
TMX Finance and its subsidiaries TitleMax, TitleBucks, and InstaLoan have collectively disclosed a data breach that exposed the personal data of 4,822,580 customers. [...]
Australian loan giant Latitude Financial Services (Latitude) is warning customers that its data breach is much more significant than initially stated, taking the number of affected individuals from 328,000 to 14 million. [...]
Greg Young, VP of Cybersecurity and CorpDev, discusses what the second-largest bank collapse in U.S. history means for cybersecurity.
New IcedID variants have been found without the usual online banking fraud functionality and instead focus on installing further malware on compromised systems. [...]
Conor Brian Fitzpatrick, the 20-year-old founder and the administrator of the now-defunct BreachForums has been formally charged in the U.S. with conspiracy to commit access device fraud
Over 14 million records stolen from consumer lender