article thumbnail

Toyota Financial Services discloses a data breach

Security Affairs

Toyota Financial Services (TFS) disclosed a data breach, threat actors had access to sensitive personal and financial data. Toyota Financial Services (TFS) is warning customers it has suffered a data breach that exposed sensitive personal and financial data.

article thumbnail

Medusa ransomware gang claims the hack of Toyota Financial Services

Security Affairs

Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company. Toyota Financial Services confirmed the discovery of unauthorized activity on systems in a limited number of its locations. The company has yet to disclose a data breach.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

3 Key Risks with Employee Passwords in the Financial Services Industry

Data Breach Today

How can financial services institutions better protect employee passwords? One of the most common threat vectors plaguing financial services institutions is the employee password.

article thumbnail

The Rise of One-Time Password Interception Bots

Krebs on Security

In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords. An ad for the OTP interception service/bot “SMSRanger.”

Passwords 308
article thumbnail

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Data Protection Report

On November 1, 2023, the New York Department of Financial Services (“NYDFS”) released the finalized amendments of Part 500 of its cybersecurity regulations. c)); – monitor privileged access activity by implementing a privileged access management (“PAM”) solution, and automatically blocking commonly used passwords (500.7(c));

article thumbnail

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

article thumbnail

Stock trading service Robinhood stored passwords in plaintext for some users

Security Affairs

Stock trading service Robinhood announced that the passwords of a number of users were stored in plaintext, the company is informing impacted ones. Stock trading service Robinhood admitted to have stored passwords of a number of users in plain text, the company is informing impacted ones via emai l. Pierluigi Paganini.