Tag Archive for: payments

Dallas City Council approves $8.6 million in payments for ransomware attack response

/in


The Dallas City Council on Wednesday approved nearly $8.6 million in payments for services related to the ransomware attack earlier this year, including credit monitoring for potential identity theft victims.

The council asked no questions about the payments before unanimously approving the agenda item. The names of the vendors receiving the money, how much each vendor is getting, and what specific services were provided were not laid out in any publicly available documents. A list of what the money is being set aside for was provided to The Dallas Morning News by Deputy City Manager Jon Fortune after the council meeting.

Fortune told the council during the meeting that the city mailed about 27,000 letters starting last week notifying mostly current and former employees, such as retirees, that their data was exposed and that the city is offering credit monitoring because of it.

The $8.6 million is coming from two different city reserve funds to pay invoices to vendors for new hardware, software, consultants, monitoring and other professional services described as emergency purchases made because of the cyberattack, according to city documents.

Politics

Political Points

Get the latest politics news from North Texas and beyond.

According to the city, the money is going toward:

– New storage devices, servers, laptops, desktop computers and mobile dispatch computers for police and fire vehicles to replace ones that were compromised or damaged in the ransomware attack.

– Temporary staff who aided in the city’s recovery efforts.

– Credit monitoring services, identity protection, call center and notification support.

– Forensic accounting.

– Recovery and restoration services for city applications and systems.

– Installation for new hardware and equipment.

– New and additional software licenses to enhance the city’s cybersecurity, response and recovery efforts.

The city is planning to file insurance claims and put any reimbursement received into its general fund contingency reserve, which is 65% of the funding source for these invoice payments. The rest is from the city’s liability reserve fund.

The payment approval comes three months after the city announced being hit with a ransomware attack on May 3.

It…

Source…

PayPal Introduces More Secure Payments with Passkeys

/in


Passkeys are designed to replace passwords and allow seamless logins for consumers across devices and platforms.

Makes online purchases easier for consumers, removes checkout friction for merchants.

SAN JOSE, Calif., Oct. 24, 2022 /PRNewswire/ — Today, PayPal announced it is adding passkeys as an easy and secure log in method for PayPal accounts. Passkeys are a new industry standard created by the FIDO Alliance and the World Wide Web Consortium that replace passwords with cryptographic key pairs, offering customers a simple and secure way to log in to PayPal based on technology that is resistant to phishing and designed so that there is no shared passkey data between platforms. The new PayPal log in option will first be available to iPhone, iPad, or Mac users on PayPal.com and will expand to additional platforms as those platforms add support for passkeys.

PayPal introduces passkeys as an easy and secure log in method for PayPal accounts.
PayPal introduces passkeys as an easy and secure log in method for PayPal accounts.

A founding member of the FIDO Alliance, PayPal is one of the first financial services companies to make passkeys widely available to its users. This cutting-edge security standard is significant as passkeys address one of the biggest security problems on the web, which is the weakness of password authentication. Over 2.6 billion records were hacked in 2017 and of these hacks, 81% are estimated to have been caused by password stealing and guessing1. Many consumers recycle passwords across online services, which can not only be cumbersome but can also lead consumers to reuse the same, potentially vulnerable passwords across services. Passkeys are designed to replace passwords for an even more seamless and secure login experience with PayPal.

Passkeys will also help more consumers complete their purchases with PayPal – once PayPal users create a passkey, they won’t have to remember their password, allowing them to check out with greater ease. According to a recent survey of U.S. consumers, 44% of consumers have abandoned an online purchase because they forgot a password.2

“Launching passkeys for PayPal is foundational to our commitment to offering our customers safe, secure and easy ways to access and manage their daily financial…

Source…

Ransomware Payments Become an Even Riskier Choice Amidst the Ever-Growing Sanctions List | Faegre Drinker Biddle & Reath LLP

/in


In February 2022, Executive Order 14024 highlighted that Russia’s invasion of Ukraine threatened not only Ukraine but also the national security and foreign policy of the United States. Pursuant to this executive order, and in the face of national security concerns, the U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) has instituted extensive sanctions, including both economic and trade sanctions. Also, in response to the national security concerns, the Cybersecurity and Infrastructure Security Agency (CISA) issued a Shields Up notice, urging companies to bolster their cybersecurity to protect themselves against the threat of a cyberattack.

As the conflict between Russia and Ukraine continues, the threat of a cyberattack, specifically ransomware and NotPetya-style attacks, remains top of mind. However, as entities continue to bolster their cybersecurity and protect themselves against these attacks, they should be cognizant of the implications that OFAC sanctions may have in connection with such an attack.

All U.S. persons must comply with the sanctions against Russia. U.S. persons are defined as U.S. citizens and permanent residents regardless of location, as well as all persons and entities who are in the U.S. and all entities incorporated in the U.S. and any of their foreign branches.

This analysis becomes complicated during ransomware attacks. When an entity is the victim of a ransomware attack, they typically have to make a decision about whether to pay the attacker a ransom in order to retrieve their data or to get a key to unencrypt their data. Ransom payments — including payments with cryptocurrency or payments facilitated through third parties — to sanctioned persons or entities are in violation of the OFAC regulations. In light of the Russia-Ukraine conflict, the number of sanctioned individuals and entities has increased dramatically, making it more difficult to ensure that an entity requesting a ransom payment is not subject to sanctions.

Making a ransomware payment where it is known that the ransomware attacker originated from a person or group on the OFAC sanctions list is in violation of the OFAC regulations and subjects the payor…

Source…

Payments for SouthEast Asian Trips via QR Code May be Available Soon | Here’s How to Avoid QR Scams

/in


Five of the SouthEast Asian top economies, including the Philippines, will link their networks so visitors may scan QR codes for payments.

Travelers may Sooner Pay for SouthEast Asian Travels by Scanning QR Codes

According to a report from Bloomberg, the goal of the central banks in Southeast Asia is to integrate their payment systems this year so that consumers may scan QR codes to make purchases throughout the area.

Bank Indonesia Governor Perry Warjiyo stated that by November, five of the region’s largest economies, including the Philippines, are scheduled to sign a deal to integrate their networks. Warjiyo announced it in a panel discussion that was held on the sidelines of the Group of 20 finance ministers and central bank governors meeting in Bali.

The system would employ local currencies to settle payments across the nations; thus, payments made in Thailand using an Indonesian app will be converted straight into rupiah and baht without needing US dollars as a middleman.

In order to ultimately introduce the same structure to real-time bank transfers and central bank digital currencies, the central banks will next attempt to connect this network with other regional clusters throughout the globe.

The managing director of the Monetary Authority of Singapore, Ravi Menon, said at the same panel in Bali, “This may be a vital action that we can expand to the rest of the globe.” He added that it is a piece of infrastructure that benefits all residents by increasing financial inclusion, boosting efficiency, and opening up new economic prospects.

There are still gaps in the relationships. While Singapore is connected to Thailand and is looking to add other nations, Malaysia, Indonesia, and Thailand are all connected.

Read Also: Nintendo Acquired Dynamo Pictures, Plans to Rename It to Nintendo Pictures

QR Code Scanning and Scams | Here’s What You Should Know

Contactless payments have gained popularity after the 2020 COVID-19 epidemic and societal alienation. Customers may pay with a credit card by scanning QR codes with their cellphones.

There’s no reliable, consistent method to know what a QR code connects to before scanning it and clicking its link, which allows…

Source…