The Office of Compliance Inspections and Examinations alerted firms to the increased prevalence of "credential stuffing," a cyberattack method that involves the use of automated scripts to attempt to log into customer accounts using stolen personal information.
President Trump's threatened Executive Order "banning" social media application TikTok prompted Microsoft to announce that it would "continue discussions to explore a purchase of TikTok in the United States."
FinCEN alerted financial institutions to indicators of COVID-19-related cybercrime. The alert concerns (i) the exploitation of remote platforms, particularly against financial and healthcare systems, (ii) phishing, malware and extortion schemes, and (iii) business email compromise fraud.
The U.S. House Financial Services Subcommittee on National Security, International Development and Monetary Policy considered legislative proposals aimed at addressing fraud and cybersecurity vulnerabilities.
The California Attorney General proposed additional modifications to proposed regulations for the California Consumer Privacy Act. The Act went into effect on January 1, 2020, and will be enforced starting July 1, 2020.
U.S. Attorney General William P. Barr highlighted ongoing enforcement challenges resulting from immunity provisions under the Communications Decency Act that protect internet service providers from liability for the content of online speech.
U.S. Senator Kirsten Gillibrand (D-NY) introduced the "Data Protection Act of 2020." The bill would form a national Data Protection Agency to establish and enforce data privacy and cybersecurity practices.
On December 6, 2019, experts testified before the House Financial Services Committee on the impact of artificial intelligence on investing, the financial services workforce, and compliance and risk management.