Curated Content | Thought Leadership | Technology News

SEC Penalizes Firm after Poor Security Leads to Repeated Cyberattacks

Two breaches, one big fine.
Ryan Uliss
Contributing Writer
Two darts in the center of the target dartboard on a colorful background

Financial firm Equiniti Trust Company, formerly known as American Stock Transfer & Trust Company, has agreed to pay an $850,000 penalty imposed by the Securities and Exchange Commission (SEC). The fine stems from the firm’s mishandling of two cybersecurity incidents in 2022 and 2023, which resulted in the theft of $6.6 million from client accounts.

In one incident, hackers hijacked an email chain between Equiniti and a U.S. client, impersonating the client to liquidate and transfer $4.78 million to overseas accounts, of which only $1 million was recovered. In a later attack, a hacker used stolen Social Security numbers to create fake accounts that were automatically linked to legitimate ones, allowing the transfer of $1.9 million.

Despite recovering a portion of the stolen funds and reimbursing affected customers, Equiniti was found in violation of SEC regulations designed to protect client assets from cyber threats.

Why It Matters: Effective cybersecurity protocol is crucial for every business, but it’s especially vital for financial institutions., where breaches can lead to significant losses, reputational harm, and regulatory penalties. The SEC’s action against Equiniti Trust underscores that the agency is not taking such incidents lightly, signaling the need for companies within the sector to continually update and enforce their cybersecurity protocols against evolving threats. Regulators are increasingly emphasizing the responsibility of financial firms to ensure the safety and integrity of client assets.

  • SEC Enforcement Action: Equiniti Trust Company agreed to an $850,000 settlement with the SEC after being charged with failing to secure customer assets during two cyberattacks in 2022 and 2023. The regulatory agency found Equiniti in violation of regulations requiring financial firms to implement adequate safeguards to protect client funds and securities from cyber intrusions.
  • Details of the Breaches: In one incident, hackers impersonated a client to instruct the transfer of $4.78 million to overseas accounts, with Equiniti recovering only $1 million. Another breach involved the creation of fraudulent accounts using stolen Social Security numbers, leading to the theft of $1.9 million, of which $1.6 million was recovered.
  • Global Implications: With the stolen funds being transferred to international accounts, Equiniti’s case underscores the global nature of cybercrime and the challenges it presents to financial institutions in tracking and recovering assets.
  • Industry Impact: The case highlights the growing prevalence of business email compromise (BEC) tactics like the ones used in these attacks, which have become a major concern for the financial industry, as evidenced by the FBI’s report of $2.9 billion in losses from BEC fraud in 2023.

Go Deeper -> SEC Fines Financial Services Firm for Losing Client Money in Two Unrelated Cyberattacks – CyberNews

Financial Firm Fined $850k for Violating SEC Cyber Rules – The Record

☀️ Subscribe to the Early Morning Byte! Begin your day informed, engaged, and ready to lead with the latest in technology news and thought leadership.

☀️ Your latest edition of the Early Morning Byte is here! Kickstart your day informed, engaged, and ready to lead with the latest in technology news and thought leadership.

ADVERTISEMENT

×
You have free article(s) left this month courtesy of CIO Partners.

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Would You Like To Save Articles?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Thanks for subscribing!

We’re excited to have you on board. Stay tuned for the latest technology news delivered straight to your inbox.

Save My Spot For TNCR LIVE!

Thursday April 18th

9 AM Pacific / 11 PM Central / 12 PM Eastern

Register for Unlimited Access

Already a member?

Digital Monthly

$12.00/ month

Billed Monthly

Digital Annual

$10.00/ month

Billed Annually

Would You Like To Save Books?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Log In To Access Premium Features

Sign Up For A Free Account

Please enable JavaScript in your browser to complete this form.
Name
Newsletters