BNY Mellon has filed a notice of data breach affecting clients’ Social Security numbers:
On May 13, 2023, Bank of New York Mellon Corporation (“BNY Mellon”) filed a notice of data breach with the Attorney General of Massachusetts after learning that confidential information that had been entrusted to the company was leaked in what appears to be a third-party data breach. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names and Social Security numbers. After confirming that consumer data was leaked, BNY Mellon began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.
Ani Chaudhuri, CEO, Dasera had this to say:
The recent data breach at the Bank of New York Mellon Corporation (BNY Mellon) is unfortunate.
This incident highlights a salient issue that businesses and consumers face today – third-party data breaches. Today, business operations are intertwined with multiple entities, including vendors, service providers, and partners. As such, an organization’s data security is no longer confined within its walls but extends to all the third-party entities it interacts with.
This breach underscores the importance of robust third-party risk management. It’s crucial for organizations to meticulously vet the security practices of all third-party partners they engage with. To ensure robust protection, companies should consider implementing continuous monitoring of third-party vendors and conduct regular security audits.
Moreover, the sensitive nature of the data involved – names and Social Security numbers – brings to light the need for stronger data anonymization and encryption practices. Even if data falls into the wrong hands, it should be rendered useless through strong encryption measures. Data should be treated as a crucial asset, and protective measures should be in place to shield it at all times.
BNY Mellon’s immediate actions following the breach – notification to affected individuals and offering free credit monitoring services – are commendable. Rapid response is key in such situations. Simultaneously, organizations should be committed to learning from such incidents and adapting their security posture accordingly.
Moving forward, we need to rethink our approach to cybersecurity, acknowledging the complex, interlinked landscape we operate in. The digital age offers immense opportunities, but it also brings with it new challenges that we must be prepared to meet head-on.
As a community, we must stand together, learn from these incidents, and adapt. Only through cooperation and dedication can we hope to build a safer digital future for all.
Another day, another data breach. This isn’t a good look, and it illustrates the state of play when it comes to stopping this sort of thing from happening. This paradigm really needs to change. And the sooner it changes the better for all of us.
BNY Mellon Is The Victim Of A Data Breach
Posted in Commentary with tags Hacked on May 20, 2023 by itnerdBNY Mellon has filed a notice of data breach affecting clients’ Social Security numbers:
On May 13, 2023, Bank of New York Mellon Corporation (“BNY Mellon”) filed a notice of data breach with the Attorney General of Massachusetts after learning that confidential information that had been entrusted to the company was leaked in what appears to be a third-party data breach. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names and Social Security numbers. After confirming that consumer data was leaked, BNY Mellon began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.
Ani Chaudhuri, CEO, Dasera had this to say:
The recent data breach at the Bank of New York Mellon Corporation (BNY Mellon) is unfortunate.
This incident highlights a salient issue that businesses and consumers face today – third-party data breaches. Today, business operations are intertwined with multiple entities, including vendors, service providers, and partners. As such, an organization’s data security is no longer confined within its walls but extends to all the third-party entities it interacts with.
This breach underscores the importance of robust third-party risk management. It’s crucial for organizations to meticulously vet the security practices of all third-party partners they engage with. To ensure robust protection, companies should consider implementing continuous monitoring of third-party vendors and conduct regular security audits.
Moreover, the sensitive nature of the data involved – names and Social Security numbers – brings to light the need for stronger data anonymization and encryption practices. Even if data falls into the wrong hands, it should be rendered useless through strong encryption measures. Data should be treated as a crucial asset, and protective measures should be in place to shield it at all times.
BNY Mellon’s immediate actions following the breach – notification to affected individuals and offering free credit monitoring services – are commendable. Rapid response is key in such situations. Simultaneously, organizations should be committed to learning from such incidents and adapting their security posture accordingly.
Moving forward, we need to rethink our approach to cybersecurity, acknowledging the complex, interlinked landscape we operate in. The digital age offers immense opportunities, but it also brings with it new challenges that we must be prepared to meet head-on.
As a community, we must stand together, learn from these incidents, and adapt. Only through cooperation and dedication can we hope to build a safer digital future for all.
Another day, another data breach. This isn’t a good look, and it illustrates the state of play when it comes to stopping this sort of thing from happening. This paradigm really needs to change. And the sooner it changes the better for all of us.
Leave a comment »