Hackers get TCM Bank’s applicant data for the past 16 months

TCM Bank a subsidiary of Washington, D.C.-based ICBA Bancard Inc, which helps more than 750 small and community U.S. banks to issue credit cards to their account holders, was hacked last month. During the breach, hackers managed to get the names, addresses, dates of birth and Social Security numbers of thousands of people who applied for cards between early March 2017 and mid-July 2018.
After discovering the breach on July 16, 2018, TCM said the information exposed was data that card applicants uploaded to a Web site managed by a third party vendor.
The breach exposed fewer than 10,000 consumers who applied for cards were affected, which represent less than 25 percent of the applications processed during the relevant time period that were potentially affected, and less than one percent of all cardholder database that was affected.
Companies and individual people must take certain precautions against this growing phenomenon of cyber attacks; for that they should implement at least a cybersecurity solution, like an antivirus, to protect their systems. Necessary things like regularly updating operating systems, using antivirus for Windows or antivirus for Mac depending on which OS your device is using. Companies must also hire professional cybersecurity firms to do regular checkups to their internal network a couple of times per year. These checkups must always include a penetration test and various ethical hacking test.
Last year, the ICBA sued Equifax over the massive data breach that exposed the Social Security numbers and other sensitive data on nearly 150 million Americans.
Once data breach or data leak occurs many companies quickly place the blame for the incident on a third-party that mishandled sensitive information. Sometimes the blame is entirely warranted, but it doesn’t comfort those affected particularly when it comes from banks or security providers.
The bank or financial institutions aren’t the only ones that use this kind of practice, for example, we told you last week that identity theft protection provider LifeLock recently blamed a Web site misconfiguration for the breach that exposed the email addresses of millions of customers.
We understand that managing third-party risk can be challenging, especially for companies that have hundreds or thousands of partners. This is why it’s important for companies of all shapes and sizes to be vigilant regarding cybersecurity protocols in order to make sure that their partners are well protected against cyber threats that can evolve into a first-party breach of customer trust.
Keep in mind that by baselining the network usage behavior of the users, network and security professionals can spot when a user’s credentials are used in unfamiliar ways. Furthermore, looking at the network traffic the IT teams can predict and see where hackers are getting in, and even find vulnerabilities that have been exploited, faster.
We must say that every device has a significant value that must be protected by at least cybersecurity solution like an antivirus. Depending on which OS your device is running, install an antivirus for Windows or antivirus for Mac for total protection. Companies must take an extra step and hire a professional cybersecurity firm that will run various cybersecurity tests on your company’s network to implement only the best possible cybersecurity solution. Always opt for a package that includes at least a penetration test and ethical hacking test. For companies that exist 100% online, we recommend the using of cyber-secured web hosting services.