fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

First Horizon Bank Online Accounts Hacked To Steal Customers’ Funds

First Horizon Bank Online Accounts Hacked To Steal Customers’ Funds

Bank holding company First Horizon Corporation disclosed the some of its customers had their online banking accounts breached by unknown attackers earlier this month.

First Horizon is a regional financial services company with $84 billion in assets that offers banking, capital market, and wealth management services.

First Horizon Bank, the company’s banking subsidiary, operates a network of hundreds of bank locations in 12 states across the Southeast.

Attackers accessed personal info, stole funds

First Horizon discovered the attack in mid-April 2021 and said that it only impacted a limited number of customers.

As discovered during the investigation, the unknown threat actors could breach the customers’ online bank accounts using previously stolen credentials and by exploiting a vulnerability in third-party software.

“Using the credentials and exploiting a vulnerability in third-party security software, the unauthorized party gained unauthorized access to under 200 on-line customer bank accounts,” First Horizon added in an 8-K form filed with the U.S. Securities and Exchange Commission (SEC) on Wednesday.

The attackers were also able to gain access to customer information stored in the breached accounts and drain funds from some of them before their intrusion was discovered.

The financial services firm revealed that they “fraudulently obtained an aggregate of less than $1 million from some of those accounts.”

Also Read: The Difference Between GDPR And PDPA Under 10 Key Issues

Customers reimbursed after breach

The bank holding firm reimbursed all the impacted customers for their stolen funds after discovering the data breach.

First Horizon also notified relevant data regulators and law enforcement agencies and opened new banking accounts for affected customers.

The company also remediated the software vulnerability exploited by the attackers during the incident and reset the passwords for impacted accounts.

“Based on its ongoing assessment of the incident to date, the Company does not believe that this event will have a material adverse effect on its business, results of operations or financial condition,” First Horizon concluded.

While First Horizon did not provide any info on the exploited third-party software, massive collections of stolen user credentials potentially reused on multiple sites have been sold or leaked for free by various threat actors for years.

The most recent examples are tens of millions of user records containing personal data and credentials belonging to ParkMobileBigBasket, and Nitro PDF customers shared for free on hacking forums.

First Horizon Bank division IBERIABANK Mortgage disclosed another data breach spanning almost two years and exposing customers’ personal info a day after its parent company merged with First Horizon Bank on July 3rd, 2020.

Also Read: PDPA Compliance Singapore: 10 Areas To Work On

A First Horizon spokesperson was not available for comment when contacted by BleepingComputer earlier today for more details regarding the breach disclosed earlier this week.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us