InfoSecBulletin Cybersecurity for mankind
Because of disclosing incorrect and negative data, The Consumer Financial Protection Bureau (CFPB) on Wednesday fined TD Bank, one of North American leading financial institutions $28 million to consumer reporting agencies.
According to the agency, The inaccurate data included “systemic errors about credit card delinquencies and bankruptcies,”. Nearly $8 million of the $28 million fine will be sent to victims who were impacted, CFPB said.
New Ransomware Tactics Target VMware ESXi Via SSH Tunneling
Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass
CISA Releases 6 ICS Advisories Detailing Security Issues
Account Credentials for Security Vendors Found on Dark Web: Cyble Report
Four Critical Ivanti CSA Vulnerabilities Exploited: CISA , FBI warns
GitLab Releases Patch (CVE-2025-0314) for XSS Exploit
CVE-2025-20156
Cisco Fixes Meeting Management Allowing Privilege Escalation
Delay patching leaves about 50,000 Fortinet firewalls to zero-day attack
Daily Security Update Dated: 21.01.2025
126 Linux kernel Vulns Allow Attackers Exploit 78 Linux Sub-Systems
CFPB said, The bank allegedly shared faulty information even though it “knew or suspected” some of the accounts were fraudulent. The agency said, though TD bank knew about the fraudulent account it didn’t do nothing.
“By April 2023, instead of making sure only accurate information about its customers was sent to consumer reporting companies, TD Bank kept sharing fraudulent information about those accounts as if it belonged to the bank’s customers,” CFPB said.
The bank broke the law, violating both the Fair Credit Reporting Act and the Consumer Financial Protection Act, according to CFPB. Additionally, customers who disputed TD Bank’s bad information received no help, CFPB alleged, saying that the bank “failed to conduct proper investigations and sometimes to conduct any investigation at all.”
“long before this settlement, TD self-identified these matters and voluntarily and proactively implemented enhancements to our furnishing and dispute handling practices”, TD bank statement reads and also mentioned “TD cooperated fully to resolve this matter and is committed to continuing to deliver on its responsibilities to its customers,”.
CFPB Director Rohit Chopra said , “The CFPB’s investigation found that TD Bank illegally threatened the consumer reports of its customers with fraudulent information and then barely lifted a finger to fix it,”.
“Rather than treating its customers fairly and following the law, TD Bank’s management clearly cared more about growth and expanding its empire through mergers,” Chopra added, calling on regulators to scrutinize the bank’s practices moving forward.
TD Bank Group, the bank’s parent company, reported $1.97 trillion in assets as of mid-2024, according to CFPB. With 10,000 branches, TD Bank is the tenth-largest commercial bank in the U.S.
