Citigroup, U.S. Bank and HSBC quizzed by top Democrats over data breaches

Citigroup, U.S. Bank, HSBC, and 13 other US banks, investment firms, and financial service providers have been sent letters from leading Democrats in both houses of Congress, requesting detailed information about recent data breaches.

“The increasing number of cyber attacks and data breaches is unprecedented and poses a clear and present danger to our nation’s economic security,” Mr. Cummings (top Democrat on the House Oversight and Government Reform Committee) and Ms. Warren (member of the Senate Banking Committee) wrote.

The letters requested:

  • details of all data breaches experienced over the past year;
  • the number of customers affected;
  • any findings by forensic investigators;
  • information about who is suspected to have carried out the attacks;
  • descriptions of new cybersecurity measures the companies instituted after discovering data breaches.

Other firms that were sent letters included: ADP, Bank of America, Bank of NY Mellon, Bank of the West, Deutsche Bank, E-Trade, Fidelity, GE, Goldman Sachs, Morgan Stanley, PNC, Regions, and Wells Fargo.

These letters from members of Congress show that cyber attacks and data breaches are being treated as matters of national importance.

It was just last month that JPMorgan revealed it suffered a cyber attack that impacted 76 million private and seven million business customers in the US.

This is just one of a string of highly publicized cyber attacks that have recently hit the headlines in the US.

In order to protect customer data it is absolutely vital that organizations – businesses, banks, government agencies, retailers, and others – implement robust information security management systems (ISMSs).

ISO27001 is the international information security standard that ensures cybersecurity while maintaining a competitive advantage, and against which an ISMS can be certified. It also provides a solid framework that supports adherence to a number of US cybersecurity laws, including FISMA, HIPAA, and SOX.
