Databreach Today -
Finance & Banking , Industry Specific , Security Operations
Regulator Cites Email Takeovers, Inadequate Incident Response Dan Gunderman (dangun127) • September 1, 2021 (Photo: Securities and Exchange Commission via Flickr)
The U.S. Securities and Exchange Commission sanctioned eight financial firms for alleged failures related to cybersecurity policies and procedures, each stemming from email account takeovers and related incident response, the regulator announced this week.
See Also: Live Webinar | Keeping Up With AML and KYC in an Evolving Financial World
The sanctioned firms did not admit or deny the commission’s findings, but “agreed to cease and desist from future violations of the charged provisions, to be censured and to pay a penalty,” according to the SEC. Cumulative fines total $750,000.
The SEC says related email account takeovers did not appear to result in unauthorized trades or fund transfers. The commission-registered firms include