Data breaches, AI merits: Top tech news June 2024

July 5, 2024 12:10 PM

In June's roundup of top tech news: U.S. Bank partnered with Greenlight to provide financial education resources, ransomware group LockBit released data belonging to Evolve Bank & Trust, banks consider the merits of open-source and closed-source generative AI and more.

Click here to read last month's roundup of top tech news.

U.S. Bank's collaboration with Greenlight is the latest product tied to the launch of the institution's Bank Smartly accounts and rewards program in November 2022.

David Paul Morris/Bloomberg

U.S. Bank announces partnership with Greenlight to provide family app

Article by Frank Gargano

U.S. Bank in Minneapolis has partnered with the Atlanta-based family finance fintech Greenlight Financial Technology to help customers teach their children healthy spending habits.

Consumers with the $684 billion-asset bank that have eligible U.S. Bank checking accounts can gain free access to Greenlight's platform and linked debit cards for children and teenagers up to 17 years old. The collaboration is the latest product tied to the launch of the institution's Bank Smartly accounts and rewards program in November 2022.

"Families were looking for a better way to raise financially smart kids [and] we found that age-appropriate financial literacy, paired with a debit card to put the skills into practice, is a powerful way to meet that need," said Jennifer Miller, head of strategic alliances and campus banking at U.S. Bank. "Greenlight has revolutionized how parents teach their kids and teens about money, and we wanted to bring that to our customers in a simple and seamless experience."

Click here to read the full story.

Machine learning has a firm place in banks' fraud and scam detection work. But some are also experimenting with using generative AI to research and handle claims.

Adobe Stock

What are the tech solutions to Zelle fraud and scam resolution?

Article by Penny Crosman

As Zelle fraud and scam victims tell their stories of losing large sums of money and Congress continues to hold hearings on this topic, it seems clear banks need to step up fraud detection, fraud investigations and dispute resolution.

Some of this will take human effort — for instance, better training of human fraud investigators and customer service reps. But technology that detects, flags and reports on fraud and generative AI that gathers customer and account history data could help humans investigate and handle customer fraud claims more smoothly.

Banks have long used traditional forms of AI, such as machine learning, to find unusual transaction patterns that indicate fraud. The use of generative AI to research claims is in the early stages.

Click here to read the full story.

Federal Reserve Headquarters As Fed Officials Foreshadow A Hawkish Powell Speech

Ransomware group LockBit threatened on June 23 to publish data on June 25 that it claims it stole from the Federal Reserve. Ransomware experts said it was likely that the group was bluffing.

Graeme Sloan/Bloomberg

Hackers claim they stole Federal Reserve data, offer no evidence

Article by Carter Pape

In a post on its victim-shaming site, ransomware group LockBit claimed on the evening of June 23 that it had stolen 33 terabytes of data belonging to the Federal Reserve, and the group threatened a June 25 evening release time. The Fed has not commented on the matter.

Brett Callow, a threat analyst at Emsisoft, said it was "highly likely, in my opinion" that the group is lying. "I believe it's far more likely that any data they do have relating to the [Fed] would have come from a third party," he said.

Breaches of third-party IT services have become a common method for ransomware actors to steal data. In a prominent recent example, threat actor UNC5537 stole data from multiple organizations by breaching databases stored by cloud storage provider Snowflake. According to Google-owned cybersecurity firm Mandiant, it and Snowflake have notified "approximately 165 potentially exposed organizations" about the breaches. Among those companies are Santander Bank, QuoteWizard and Ticketmaster.

Click here to read the full story.

The threat actor Sp1d3r posted an ad on June 12 for data it says it stole from Truist. The bank said the breach, which happened in October, is not related to a campaign by the same criminal group.

Graeme Sloan/Bloomberg

Truist suffers data breach, hackers claim it affects 65,000 employees

Article by Carter Pape

On June 14, Truist acknowledged an October data breach that, according to a threat actor advertising the stolen data on a forum, includes data on 65,000 employees.

"In October 2023, we experienced a cybersecurity incident that was quickly contained," a spokesperson for Truist said. "In partnership with outside security consultants, we conducted a thorough investigation, took additional measures to secure our systems, and notified a small number of clients last fall."

The spokesperson did not say who was behind the breach, how it occurred nor whether the thieves demanded a ransom payment. The Truist spokesperson did not acknowledge the threat actor's claim of having source code or employee data, except to say that the bank was "providing awareness to teammates."

Click here to read the full story.

Dow Eclipses 40,000 For First Time As Investors Bet On Rate Cuts

Trading halts caused by an error affected 40 stocks the morning of June 3, including BMO Bank, Banco Santander-Chile, Berkshire Hathaway and others.

Alex Kent/Bloomberg

Bank stocks among those that plunged 99% due to NYSE glitch

Article by Carter Pape

Multiple U.S. company stocks temporarily and erroneously dove by 99% or more on the morning of June 3 due to a now-resolved technical issue with the system that disseminates real-time trade and quote information from the New York Stock Exchange.

BMO Bank, Berkshire Hathaway, Barrick Gold, NuScale Power and other companies' stocks saw trading halted after 9:40 a.m. Eastern time, each at slightly different times. In each case, within a couple of hours, trading on the stock resumed at prices within 10% of the previous day's close.

The stock exchange, which is owned by Intercontinental Exchange, said a technical issue with industrywide price bands published by the Consolidated Tape Association led to the halts. The association oversees the dissemination of real-time trade and quote information for NYSE and other regional stock exchanges. The association has had 100% system availability in 17 of the last 20 quarters, according to its website.

Click here to read the full story.

Microsoft President Brad Smith Testifies Before House Homeland Security Committee

Brad Smith, president of Microsoft, said during a House Homeland Security Committee hearing in June that the company "accepts responsibility for each and every one of the issues" that led to a compromise last year of many State Department emails.

Tierney L. Cross/Bloomberg

Microsoft under fire for recent cybersecurity lapses

Article by Carter Pape

At a Congressional hearing in June, Microsoft president Brad Smith took responsibility on his company's behalf for a cyberattack that took place last year in which China-linked hackers gained access to 60,000 U.S. State Department emails.

The hearing is part of growing scrutiny toward Microsoft regarding its cybersecurity practices following the hack, and another like it this year in which Russian-linked hackers gained access to emails belonging to officials at Microsoft, Hewlett Packard Enterprise, and the U.S. federal government.

As one of the largest software vendors to the U.S. government and domestic industries including banking, the company's cybersecurity practices are vital to national security, Smith acknowledged in his testimony before the U.S. House Committee on Homeland Security. He pointed to the company's Secure Future Initiative, launched in November to organize and invigorate the company's dedication to cybersecurity, as "a top priority."

Click here to read the full story.

Evolve Bank & Trust acknowledged the ransomware group published customer data from the bank, but the number of affected people remains unclear.

Adobe Stock

LockBit stole a bank's data, but it wasn't the Fed's

Article by Carter Pape

After claiming it had data stolen from the Federal Reserve, ransomware group LockBit released records on June 25 belonging to Evolve Bank & Trust, which confirmed it had been the victim of a cyberattack.

On June 23, the threat actor had initially said on its victim-shaming blog that it had stolen data from the Fed, which did not publicly comment on the matter before the night of June 25, when LockBit published the data it had actually stolen.

That evening, the group published the data, and it became clear that it did not belong to the Fed, but to Evolve. There is no evidence that LockBit stole the Evolve data from the Fed.

Click here to read the full story.

From left to right: Imran Khan, head of TD Invent at TD Bank Group; Ryan Hildebrand, chief innovation officer of Bankwell Bank; Sathish Muthukrishnan, chief information, data and digital officer at Ally Bank

Banks consider merits of open-source and closed-source generative AI

Article by Miriam Cross

Most banks experimenting with generative artificial intelligence are starting with closed-source models and gradually progressing to open-source models.

But the calculations that govern these decisions, including those around cost and security, are changing, as are other developments in this space such as a budding interest in small language models.

"We are seeing clients starting with one technology and experimenting with other models because they want to be agnostic," said Bhavi Mehta, the global head of AI for financial services at Bain. He sees banks using generative AI models for several purposes, including frontline productivity, such as summarizing information for relationship managers; customer service, such as summoning answers to customer queries quickly; generating code; and creating content for marketing. Automating workflows in back-office operations, such as triggering notifications for compliance issues, are more nascent.

Click here to read the full story.

Combining the August 2023 launch of Statewide Federal Credit Union's new savings account with aggressive marketing efforts proved fruitful for the credit union, pulling in more than $8 million in deposits in less than a year as of May.

Bart Sadowski/bartsadowski - Fotolia

How a Mississippi credit union attracted $8 million in new deposits

Article by Frank Gargano

As the country emerged from the COVID-19 pandemic in May 2023, banks and credit unions flush with deposits saw the cost of funds increase along with average interest rates. These increases drove competition between institutions to offer the highest rates for consumers.

When Casey Bacon, chief executive of Statewide Federal Credit Union in Flowood, Mississippi, was facing the same drop-off in new deposits, he leaned on fintech partnerships to boost new member acquisition and, in turn, deposits.

"We didn't have the deposit growth like we had throughout [the pandemic]. … As the interest rate environment changed, we had to become more aggressive with both retaining our existing deposits and attracting new deposits," Bacon said. "Even today, the competition just continues to basically accelerate."

Click here to read the full story.

Joshua Roberts/Bloomberg

Consumer groups to CFPB: Make banks fairness-test AI lending software

Article by Penny Crosman

The Consumer Federation of America and Consumer Reports sent a letter to the Consumer Financial Protection Bureau on June 26, urging it to set ground rules for the use of artificial intelligence in lending. The groups' top recommendation was that banks should be required to search for less discriminatory alternatives. Later the same day, the CFPB issued a fair lending report that it is forcing lenders to make an effort to ensure their lending algorithms (AI based or not) meet fair lending laws.

The issue of discrimination in AI-based lending has percolated for the dozen-plus years banks and fintechs have been using it. Consumer advocates and regulators worry that consumers could get harmed by AI-generated decisions, though some lenders using this software have reported increasing their lending to people in protected classes.

In an interview, Adam Rust, director of financial services at the Consumer Federation of America, said his organization is not reacting to complaints or problems that exist today, but trying to forestall the consumer harm that could come from the widespread use of AI-based lending if regulators do not put guardrails in place.

Click here to read the full story.