Compromise and Credential - Payments Space

Finastra Confirms Breach Amid Hacker’s 400GB Data Theft Claim

Fintech News

NOVEMBER 24, 2024

The company confirmed the incident to TechCrunch following a hacker’s claim of compromising Finastra ‘s internal file-transfer platform and subsequent attempts to sell the stolen data. Currently, Finastra is unable to disclose the number of affected customers or the precise nature of the compromised data.

Breach

Breach Compromise Data Breach Credential

Cyber Threats Surge in India’s Financial Sector

Fintech News

MAY 8, 2025

These chatbots leverage AI with natural language processing (NLP) capabilities to engage potential victims in seemingly benign conversations, subtly extracting credentials or sensitive data over time. The surge of deepfakes The rise of AI has also led to a surge in deepfake attacks.

Data Breach

Data Breach Deepfake MFA Phishing

Keeta, Solo partner on blockchain-native credit bureau

Finextra

JUNE 6, 2025

Solo turns data into reusable, verified credentials, enabling banks, fintech firms and cryptocurrency platforms to make smarter, faster decisions, without compromising privacy.

Blockchain

Blockchain Interoperability Credential Compromise

How Financial Institutions Can Combat Business Email Compromise (BEC)

Fi911

JUNE 9, 2025

Business email compromise attacks cost organizations $2.4 Attackers compromise vendor email accounts, then send updated banking instructions just before scheduled payments. Multi-factor authentication protects against credential compromise but must extend beyond employee accounts.

Email Compromise

Email Compromise Business Email Compromise Compromise Law Enforcement

Chipotle Hacked, Payment Credentials Compromised

PYMNTS

APRIL 19, 2019

Chipotle Mexican Grill has been the victim of a cyberattack that compromised the credit card payment information for a small number of customers. Many customers have recently posted on social media that orders placed at the restaurant fraudulently used their payment cards during the first few weeks of April. billion and $1.34 per share.

Credential

Credential Compromise Credit Cards Payments

Understanding POS Security: Protecting Your Business and Customer Data

VISTA InfoSec

MAY 12, 2024

When used, these devices will collect payment details without the merchant’s knowledge, compromising customer data security. Implementing 2FA adds an extra layer of security to a POS system by requiring users to prove their credentials through other means such as one-time passwords on other devices or through biometrics.

PCI DSS

PCI DSS Security Compromise Best Practices

Understanding the Cyber Risks in Video Communication

VISTA InfoSec

JUNE 19, 2024

However, this convenience comes with significant cyber risks that can compromise sensitive information and privacy. For instance, an attacker might send an email that appears to be from a trusted video communication platform, prompting you to click on a link to verify your account or update credentials.

Risk

Risk Ransomware Phishing MFA

How to Use the Terraform Destroy Command to Control Cyber Attack Damage

VISTA InfoSec

MAY 23, 2024

These storage resources can be compromised and lead to data leaks similar to the unsecure S3 bucket of THSuite reported in 2020. Meanwhile, database resources can have vulnerabilities such as misconfigurations and stolen credentials that allow cybercriminals to steal critical data and extort organizations.

Compromise

Compromise Database Best Practices Shutdown

Tokenisation 2.0: Are we ready for the next generation of payment security?

The Payments Association

JUNE 3, 2025

Antony Lane, sales account manager at G+D , corroborates this, stating G+D increasingly uses tokenisation to improve in-app provisioning, simplify lifecycle credential management, and personalise user journeys across devices and channels. As a result, tokenisation is becoming essential for maintaining trust and fluidity.

Security

Security Payment APIs and Integration Payment Security Credential

Advanced Data Security: Safeguarding Your Business In The Digital Age

VISTA InfoSec

JUNE 18, 2024

A crafty hacker could infiltrate accounts secured by flimsy credentials. Even if passwords are compromised, those extra identity checkpoints block illicit access attempts. A single compromised login could damage your entire network. Simplistic credentials are entry points for hackers.

Data Security

Data Security Security Encryption Cybersecurity

How tokenisation has reshaped the future of payments

The Payments Association

MAY 28, 2025

The evolution represents more than enhanced security protocols, it constitutes a complete reimaging of payment credential architecture. By eliminating repeated credential input and enabling genuinely secure one-click transactions, it simultaneously addresses both the safety concerns and speed demands of modern consumers.

Credential

Credential Payments Issuers Visa

Remote Work Business Continuity: Best Practices

VISTA InfoSec

APRIL 5, 2024

The following are some of the consequences when data privacy and security are compromised: Productivity loss. A file falling into the wrong hands or credentials being revealed to unauthorized personnel could spell lost productivity and revenue. Operational interruption happens when cybersecurity is breached. Tainted reputation.

Best Practices

Best Practices Business Continuity Continuity Compromise

Visa Launches “Tap-to-Add Card” in Egypt to Enhance Secure and Seamless Digital Payment Experiences

Fintech Finance

MARCH 10, 2025

Bringing enhanced security and convenience, Tap-to-Add Card eliminates the cumbersome process of manual entry, a common source of errors and a vulnerability exploited by fraudsters seeking to compromise sensitive card information.

Digital Payments

Digital Payments Security Payments Credential

Visa Accelerates Tokenization Of Credentials On File For Digital Payments

PYMNTS

OCTOBER 17, 2018

Visa announced today the commercial expansion of its Visa Token Service for “credential-on-file token requestors.” Network tokens offer merchants an appealing solution to boosting the security of transactions while also helping merchants manage the account credentialing that is now the reality of multichannel retail payments.

Credential

Credential Digital Payments PayPal Payments

‘Serenity’ and ‘IDEMIA Secure Transactions’ Launch sAxess Biometric Card for Enhanced Digital Security and Data Recovery

Fintech Finance

NOVEMBER 28, 2024

The solution utilizes non-fungible tokens (NFTs) as secure credentials within a “digital safe,” providing a decentralized, immutable method for storing and recovering critical information. Its self-custody approach reduces the need for intermediaries, offering control and reduced exposure to third-party risks.

Security

Security Transactions NFTs Blockchain

Visa Launches Tap-to-Add Card in Egypt to Bolster Digital Payment Adoption and Card Security

The Fintech Times

MARCH 10, 2025

By launching the solution, which removes the need for manual entry – a common source of errors and a vulnerability exploited by fraudsters seeking to compromise sensitive card information – Visa aims to promote the use of digital wallets in Egypt while also bolstering security in the region.

Digital Payments

Digital Payments Security Credential CHIPS

American Express Partners with MX to Enhance Secure Digital Banking Options

The Fintech Times

NOVEMBER 11, 2024

This integration provides American Express customers with greater control and transparency over how they share their financial data, using secure authentication without needing to share credentials.

Security

Security Credential API Privacy

The Chipotle Hack And The Troubling Trend Of Credential Stuffing

PYMNTS

APRIL 24, 2019

Consumers often repeat passwords across sites, the firm noted, and fraudsters use a technique known as credential stuffing — wherein they’ve taken email addresses and passwords gleaned in other attacks, and used them to brute force their way into customers’ Chipotle accounts. It could easily be credential stuffing. So, what’s going on?

Credential

Credential Breach API Addressing

OKX Pay Launched to Simplify Crypto Payments and Self-Custody

Fintech News

APRIL 28, 2025

The product aims to address long-standing challenges in crypto use, including the complexities of managing private keys and the historical risk of losing digital assets due to forgotten credentials. OKX said that funds cannot be moved without a customers explicit permission.

Web 3.0

Web 3.0 Stablecoins Money Laundering Payments

How to Create a GDPR-Compliant Password Policy?

VISTA InfoSec

JUNE 3, 2024

Weak or compromised passwords are often the weak link in an organization’s security chain, providing an easy entry point for cybercriminals. According to a Verizon report , over 80% of hacking-related breaches are due to compromised passwords.

MFA

MFA Credential PCI DSS Compliance

Payment Fraud Goes Mainstream: Sift’s Q1 2025 Digital Trust Index Reveals 89% Surge in Consumer Exposure to Fraud Schemes

Fintech Finance

MARCH 28, 2025

These configurations equip individuals with the ability to test compromised payment information and login credentials with minimal technical expertise. Generational data reveals a concerning trend: younger consumers are significantly more likely to engage in payment fraud.

Consumer

Consumer Alternative Payment Methods Participant Debit Card

Hackers Are Using Compromised Computers To Generate Bitcoin

PYMNTS

OCTOBER 27, 2017

Hackers look for ways to best monetize the computers they compromise. Traditional avenues include stealing bank account credentials to sell on the dark web or installing destructive malware software. Their new tactic is injecting code that generates bitcoin onto cloud-computing servers and compromised websites.

Compromise

Compromise Bitcoin Cryptocurrency Credential

What is Business Email Compromise (BEC)?

Nanonets

NOVEMBER 14, 2023

Business Email Compromise (BEC) is a cyber threat that exploits the vulnerabilities of email communication. Perpetrators impersonate trusted entities, such as executives or vendors, employing social engineering techniques to coerce employees into compromising actions. What is Business Email Compromise (BEC)?

Email Compromise

Email Compromise Business Email Compromise Compromise Phishing

What Are the Risks of Business Email Compromise & How Can You Prevent Them?

Seon

JUNE 15, 2023

Business email compromise (BEC) attacks can be a major risk to businesses’ finances and reputations. Let’s look at what business email compromise attacks are and explore some of the many ways you can combat them. What Is a Business Email Compromise Attack? Reported losses in 2020 exceeded $4.2

Email Compromise

Email Compromise Compromise Business Email Compromise Risk

Why The Data Breach Decline Is Bad News For Businesses

PYMNTS

FEBRUARY 1, 2021

40 legitimate email accounts of company executives have been compromised in a phishing campaign targeting businesses , according to Gov Info Security reports. Cybercriminals are using the tactic to steal company credentials, including executive email addresses, which are then sold on the dark web.

Data Breach

Data Breach Breach Business Email Compromise Scams

CyberArk Gets Patent For Security Risk Detection Technology

PYMNTS

SEPTEMBER 15, 2016

The patent covers methods and systems to map risks arising from credentials, especially privileged credentials, present on machines in the network that, once compromised, enable attackers to access and compromise other machines in the network.

Risk

Risk Security Technology Credential

Microsoft Admits Breach Of Web-Based Email Accounts

PYMNTS

APRIL 14, 2019

According to reports citing Microsoft, the company confirmed that a “limited” number of webmail users — including @msn.com and @hotmail.com — saw their accounts compromised by hackers. It also appears the bad guys didn’t access login credentials including passwords. Microsoft said affected users should change their passwords.

Breach

Breach Accounts Credential Compromise

Visa On Its 1 Billion Token Milestone — And What Lies Ahead

PYMNTS

JUNE 23, 2020

Reducing fraud is critical, as fraudsters look toward new avenues of stealing credentials and draining accounts. And securing those credentials will mean that, eventually, the payments ecosystem will revolve around eCommerce “IDs” that consumers can take with them no matter where or with whom they transact, across borders and devices.

Credential

Credential Issuers Breach RTP

FIs Expect Cybersecurity Spending To Increase In 2021, Study Finds

PYMNTS

NOVEMBER 25, 2020

The SEC warned in October that cyberattacks on corporations had been increasing, and businesses were advised to include multi-factor authentication to prevent credential compromises.

Cybersecurity

Cybersecurity Credential Compromise Authentication

Singapore, Hong Kong Police, INTERPOL Bust Scam Syndicate After S$17.9M in Losses

Fintech News

AUGUST 19, 2024

These scams involved pop-up alerts on victims’ devices, falsely claiming they were compromised by malware. Between January and July 2024, the SPF received 185 reports of technical support scams, resulting in losses exceeding S$ 17.9 The criminal proceeds generated by this tech-support scam were laundered through Hong Kong.

Scams

Scams Money Laundering Cross-Border Phishing

SEC Chair Warns Of Increasing Cyberattacks Against Companies

PYMNTS

NOVEMBER 2, 2020

And the SEC warned about credential compromises, meaning cyberattacks using compromised client login credentials to attack brokers and dealers, take customer assets and expose private information.

Cybersecurity

Cybersecurity Credential Compromise Ransomware

22 percent of data breaches are caused by compromised credentials

The Paypers

APRIL 28, 2016

(The Paypers) A survey of more than 300 professionals worldwide found that 22% of respondents whose company had experienced a data breach said the breach was due to compromised credentials.

Data Breach

Data Breach Credential Compromise Breach

Hack Of C-Suite Email Addresses Portends Surge In BEC Fraud

PYMNTS

NOVEMBER 30, 2020

The SEC put out various alerts over the entirety of the pandemic on the danger of the attacks, warning various sizes of businesses about ransomware attacks affecting broker dealers and investment advisors as well as credential compromises taking peoples' login information and exposing private information.

Business Email Compromise

Business Email Compromise Addressing Scams Ransomware

Anomali Identifies Scam To Steal Gov’t Procurement Site Credentials

PYMNTS

DECEMBER 17, 2019

An unidentified group is reportedly putting much effort into a complicated scam to steal the login credentials of government personnel. The victim is then offered a choice of logging in through email credentials from providers such as Google, Microsoft and Yahoo. Anomali, a security firm, says it has found bogus websites of the U.S.,

Credential

Credential Scams Email Compromise Business Email Compromise

Invoice Fraud Strikes Amazon In $19M Scam

PYMNTS

AUGUST 24, 2020

This week's B2B Data Digest looks at the rising threat of the business email compromise (BEC) scam and invoice fraud on companies of all sizes in the U.S., Reports said the fraudsters have stolen more than 800 sets of credentials in an attempt to commit B2B payment fraud via spear-phishing attacks. Canada and the world over.

Scams

Scams Business Email Compromise Ransomware Email Compromise

Instacart Blames Reused Passwords For Account Hacks

PYMNTS

JULY 24, 2020

In a post on its website, Instacart said its investigation concluded the San Francisco-based company was not compromised. Instead, Instacart said hackers used credential stuffing, a practice in which usernames and passwords stolen from other sites are used to hack into other accounts. “It

Accounts

Accounts Compromise Data Breach Phishing

Hundreds Of Millions Of Accounts Compromised In Major Email Hack

PYMNTS

MAY 6, 2016

Hold discovered the latest breach after finding a Russian hacker bragging about the large number of email credentials he had amassed, as well as his plan to give them away. These credentials can be abused multiple times.” All in, that initially totaled around 1.17 billion records. brokerage R.W.

Compromise

Compromise Accounts Request for Comment Credential

SWIFT CSP: A Quick Guide for Financial Institutions

VISTA InfoSec

DECEMBER 19, 2024

Know and Limit Access Prevent compromise of credentials Manage identities and segregate privileges 3.Detect SWIFT CSCF v2024 key objectives and principles Below are the 3 key objectives and 7 principles, as defined in the updated SWIFT CSP framework.

SWIFT

SWIFT Cybersecurity PCI DSS Compliance

Banks Reinforce Protections As Cybercriminals’ Tactics Evolve

PYMNTS

NOVEMBER 16, 2020

Cybercriminals have sought to exploit philanthropic giving, consumer and small business stimulus payments, unemployment benefits and even the acquisition of personal protective equipment (PPE) as ways to leverage compromised data, steal money and make fraudulent purchases.

Identity Theft

Identity Theft Credential Account Takeovers Fraud Prevention

Payments Providers Combat The Conflict Between Security, User Experience

PYMNTS

JANUARY 14, 2020

But for many service providers, achieving one can often mean compromising the other. Greater Security Without Compromising UX. Those silos can also compromise the ability for a financial service provider to provide the seamless, elevated user experience they’re pursuing by migrating to the cloud in the first place.

Security

Security PCI DSS Compromise Service Provider

Data Blizzard Hits LA Schools: Students data stolen in Snowflake Hack

VISTA InfoSec

JUNE 27, 2024

Upon investigation, it was revealed that personal information such as student names, addresses, dates of birth, and potentially other sensitive details had been compromised.

FBI

FBI Breach MFA Cybersecurity

P2P Security Issues Plague Millions Of IoT Devices

PYMNTS

APRIL 26, 2019

A P2P (peer-to-peer) technology ingrained in millions of IoT ( Internet of Things ) devices, including security cameras, smart doorbells, baby monitors and video recorders, has many security flaws that allow them to be compromised easily, exposing users to dangers from eavesdropping, credential theft and takeovers from remote locations.

P2P

P2P Security Compromise Credential

Dunkin' Donuts accounts compromised in credential stuffing attack

The Paypers

FEBRUARY 15, 2019

(The Paypers) Dunkin’ Donuts has been the victim of a credential stuffing attack during which hackers gained access to customer accounts.

Credential

Credential Compromise Accounts

Mastercard Goes OTP-Free in APAC for Faster, Safer Online Transactions

Fintech Finance

NOVEMBER 6, 2024

Tighter Security: By offering biometric authentication, payment passkeys eliminate the risk of passwords being stolen or compromised, protecting shoppers from fraud and scams. More Sales: Merchants reduce cases of cart abandonment as they make customer transactions faster, easier and more reliable.

Visa

Visa APACS Transactions Authentication

Finastra Confirms Breach Amid Hacker’s 400GB Data Theft Claim

Cyber Threats Surge in India’s Financial Sector

Trending Sources

Keeta, Solo partner on blockchain-native credit bureau

How Financial Institutions Can Combat Business Email Compromise (BEC)

Chipotle Hacked, Payment Credentials Compromised

Understanding POS Security: Protecting Your Business and Customer Data

Understanding the Cyber Risks in Video Communication

How to Use the Terraform Destroy Command to Control Cyber Attack Damage

Tokenisation 2.0: Are we ready for the next generation of payment security?

Advanced Data Security: Safeguarding Your Business In The Digital Age

How tokenisation has reshaped the future of payments

Remote Work Business Continuity: Best Practices

Visa Launches “Tap-to-Add Card” in Egypt to Enhance Secure and Seamless Digital Payment Experiences

Visa Accelerates Tokenization Of Credentials On File For Digital Payments

‘Serenity’ and ‘IDEMIA Secure Transactions’ Launch sAxess Biometric Card for Enhanced Digital Security and Data Recovery

Visa Launches Tap-to-Add Card in Egypt to Bolster Digital Payment Adoption and Card Security

American Express Partners with MX to Enhance Secure Digital Banking Options

The Chipotle Hack And The Troubling Trend Of Credential Stuffing

OKX Pay Launched to Simplify Crypto Payments and Self-Custody

How to Create a GDPR-Compliant Password Policy?

Payment Fraud Goes Mainstream: Sift’s Q1 2025 Digital Trust Index Reveals 89% Surge in Consumer Exposure to Fraud Schemes

Hackers Are Using Compromised Computers To Generate Bitcoin

What is Business Email Compromise (BEC)?

What Are the Risks of Business Email Compromise & How Can You Prevent Them?

Why The Data Breach Decline Is Bad News For Businesses

CyberArk Gets Patent For Security Risk Detection Technology

Microsoft Admits Breach Of Web-Based Email Accounts

Visa On Its 1 Billion Token Milestone — And What Lies Ahead

FIs Expect Cybersecurity Spending To Increase In 2021, Study Finds

Singapore, Hong Kong Police, INTERPOL Bust Scam Syndicate After S$17.9M in Losses

SEC Chair Warns Of Increasing Cyberattacks Against Companies

22 percent of data breaches are caused by compromised credentials

Hack Of C-Suite Email Addresses Portends Surge In BEC Fraud

Anomali Identifies Scam To Steal Gov’t Procurement Site Credentials

Invoice Fraud Strikes Amazon In $19M Scam

Instacart Blames Reused Passwords For Account Hacks

Hundreds Of Millions Of Accounts Compromised In Major Email Hack

SWIFT CSP: A Quick Guide for Financial Institutions

Banks Reinforce Protections As Cybercriminals’ Tactics Evolve

Payments Providers Combat The Conflict Between Security, User Experience

Data Blizzard Hits LA Schools: Students data stolen in Snowflake Hack

P2P Security Issues Plague Millions Of IoT Devices

Dunkin' Donuts accounts compromised in credential stuffing attack

Mastercard Goes OTP-Free in APAC for Faster, Safer Online Transactions

Stay Connected