{"id":24526,"date":"2024-05-20T04:10:04","date_gmt":"2024-05-20T12:10:04","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2024\/05\/20\/news-18256\/"},"modified":"2024-05-20T04:10:04","modified_gmt":"2024-05-20T12:10:04","slug":"news-18256","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2024\/05\/20\/news-18256\/","title":{"rendered":"Financial institutions ordered to notify customers after a breach, have an incident response plan"},"content":{"rendered":"\n

The Securities and Exchange Commission (SEC) has announced<\/a> rules around breaches for certain financial institutions\u2014registered broker-dealers, investment companies, investment advisers, and transfer agents\u2014 that require them to have written incident response policies and procedures that can be used in the event of a breach.<\/p>\n

The requirement is an adoption of amendments to Regulation S-P, which was enacted in 2000 to safeguard the financial information of consumers, requiring financial institutions to tell customers about how they use their personal information.<\/p>\n

But things have changed drastically since 2000. Even in the four years between 2018 and 2022, complaints about identity theft more than doubled<\/a>, per the FBI\u2019s Internet Crime Complaint Center.<\/p>\n

SEC Chair Gary Gensler said:<\/p>\n

\n

\u201cOver the last 24 years, the nature, scale, and impact of data breaches has transformed substantially. These amendments to Regulation S-P will make critical updates to a rule first adopted in 2000 and help protect the privacy of customers\u2019 financial data. “<\/p>\n<\/blockquote>\n

Under these amendments, covered firms will be required to notify customers of breaches that might put their personal data at risk. This will give these customers the chance to prepare themselves for the negative consequences of a breach.<\/p>\n

Covered organizations have to provide notice to victims as soon as possible and no later than 30 days after becoming aware of an incident involving the leak of customer information. Organizations must include details about the incident, the data leaked and what victims can do to protect themselves. As Gensler puts it:<\/p>\n

\n

“The basic idea for covered firms is if you\u2019ve got a breach, then you\u2019ve got to notify.\u201d<\/p>\n<\/blockquote>\n

The amendments will become effective 60 days after publication in the Federal Register. Larger entities will have 18 months after the date of publication in the Federal Register to comply with the amendments, and smaller entities will have 24 months after the date of publication in the Federal Register to comply.<\/p>\n

Has your data been exposed?<\/strong><\/h2>\n

If you want to find out how much of your data has been exposed online, you can try our free Digital Footprint scan<\/a>. Fill in the email address you\u2019re curious about (it\u2019s best to submit the one you most frequently use) and we\u2019ll send you a free report.<\/p>\n

\n
\n
\n

<\/a>SCAN NOW<\/a><\/p>\n<\/div>\n<\/div>\n<\/div>\n

\n

We don’t just report on threats – we help safeguard your entire digital identit<\/strong>y<\/p>\n

Cybersecurity risks should never spread beyond a headline. Protect your\u2014and your family’s\u2014personal information by using identity protection<\/a>.<\/p>\n

https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

The Securities and Exchange Commission has announced rules around breaches for certain financial institutions. <\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[32,26699],"class_list":["post-24526","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-news","tag-personal"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24526","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=24526"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24526\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=24526"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=24526"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=24526"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}