Phillip Capital (PCI), a Chicago-based futures brokerage, was fined US$ 1.5 million for lack of cybersecurity measures. According to an order from the U.S. Commodities Futures Trading Commission, the brokerage firm failed to disclose the cyber breach to its customers in a timely manner. The order also finds that PCI failed to supervise its employees with respect to cybersecurity policy and procedures, a written information systems security program and customer disbursements.
“Cybercrime is a real and growing threat in our markets,” said CFTC Director of Enforcement James McDonald. “While it may not be possible to eliminate all cyber threats, CFTC registrants must have adequate procedures in place—and follow those procedures—to protect their customers and their accounts from potential harm.”
Multiple security incidents were reported by various brokerage firms in recent times. Crypto brokerage platform, Coinmama, recently notified users that it suffered a security breach which affected around 450,000 users’ emails and hashed passwords. The company stated that a few unknown intruders compromised customer data and kept for sale on a dark web registry.
Coinmama provides a cryptocurrency exchange platform for trading digital currency globally. The security professionals at Coinmama revealed the compromised data belonged to the users who registered until August 05, 2017. Coinmama also explained the security issue affected 30 companies and a total of 841 million user records.
Coinmama established an Incident Response Team to identify the nature of the intrusion. The company also took additional security measures to thwart further loss and notified the affected users to reset their passwords upon next login and urged all other users to verify that their passwords are unique and strong.