Cybersecurity Archives | PYMNTS.com
What's next in payments and commerce

Report: China-Connected Hackers Breach US Broadband Networks
https://www.pymnts.com/cybersecurity/2024/report-china-connected-hackers-breach-us-broadband-networks/
Wed, 25 Sep 2024 21:20:13 +0000

Hackers with ties to China’s government have reportedly gotten into some American internet service providers.

The hacking campaign, dubbed Salt Typhoon by investigators, was targeting sensitive information, the Wall Street Journal (WSJ) reported Wednesday (Sept. 25), citing sources familiar with the matter.

As the report noted, it marks the latest in a series of hacks that investigators in the U.S. say are connected to China.

In this case, the hack involved an incursion into U.S. broadband networks, with cybercriminals setting up a foothold inside the network that let them access data stored by telecommunications companies or carry out cyberattacks.

According to the WSJ, former U.S. intelligence officials say the alleged hack seems to be audacious in its scope, even by the standards set by past attacks by China-linked hackers.

“This would be an alarming — but not really surprising — expansion of their malicious use of cyber to gain the upper hand over the United States,” said Glenn Gerstell, former general counsel at the National Security Agency.

He added that China had long depended on cyber theft to steal industrial or military secrets before quietly establishing itself within critical U.S. infrastructure.

“Now it seems they are penetrating the very heart of America’s digital life, by burrowing into major internet-service providers,” he said.

Sources told the WSJ that investigators are probing whether the hackers got access to Cisco Systems routers, and that Microsoft is looking into the intrusion and what sensitive information may have been accessed.

The report is the latest bit of bad news in a year dominated by high-profile cyberattacks on the country’s ports, automotive sector and healthcare system.

In the wake of these incidents, PYMNTS wrote last week, cybersecurity has become a chief concern for organizations of all sizes, serving as a brutal reminder that no company, no matter its size or resources, can escape cyber threats.

“These breaches have not only exposed millions of personal data records but also revealed vulnerabilities in the systems used by businesses and their service providers,” that report said. “As cyberattacks grow in frequency and sophistication, the responsibility to reduce the attack surface — the totality of vulnerabilities that hackers could exploit — is increasingly falling on businesses and their service providers.”

Trending: Lawmakers Grill CrowdStrike on IT Outage and Cybersecurity Gaps
https://www.pymnts.com/cybersecurity/2024/lawmakers-press-crowdstrike-on-july-failure-ai-dangers-during-house-hearing/
Tue, 24 Sep 2024 21:41:53 +0000

When your company is responsible for one of the largest IT outages in history, the U.S. government is going to want to hear more about it.

And that’s what took place Tuesday (Sept. 24), when the U.S. House Committee on Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection heard from Adam Meyers, senior vice president, counter adversary operations, at CrowdStrike, during a hearing entitled, “An Outage Strikes: Assessing the Global Impact of CrowdStrike’s Faulty Software Update.”

The July IT outage severely disrupted key functions of the global economy, resulting in cancellations of 3,000 commercial flights, delays of 11,800 other flights, cancellations of surgeries, disruptions to 911 emergency call centers, and a need for companies across nearly all commercial sectors to devote millions of manual labor hours to solving the problem.

While members of the House Homeland Security Committee had originally asked CrowdStrike CEO George Kurtz to appear and give public testimony about the faulty software update, Kurtz instead sent Meyers as his deputy.

“The sheer scale of this error was alarming. … We are here today to understand what went wrong,” subcommittee Chairman Rep. Andrew Garbarino, R-N.Y., said to open the hearing.

“We need CrowdStrike to be effective and successful because its efficacy and success are the effectiveness and success of its customers,” added ranking member Rep. Eric Swalwell, D-Calif., noting that CrowdStrike holds 17.7% of the global cybersecurity market share. 

Read more: CrowdStrike Outage Rolls On; Attention Turns to Software Update Quality Control

CrowdStrike Incident: What Happened?

“Just over two months ago, we let our customers down,” CrowdStrike’s Meyers said to begin his testimony.

CrowdStrike is used by 538 Fortune 1000 companies, 298 Fortune 500 firms, and 43 of 50 U.S. states.

Delta has claimed that the IT outage, which canceled over 5,000 of its flights, will cost it $500 million, and in a report published Thursday (Sept. 19), Germany’s Federal Office for Information Security (BSI) found that 10% of German-based organizations impacted by the July outage are dropping their current security vendors’ products.

As PYMNTS reported at the start of the month, CrowdStrike faces numerous legal challenges from the glitch that caused a global tech outage. Writing about the incident in August, we argued that the outage underscored the need for companies to have effective disaster recovery plans.

Asked by lawmakers how CrowdStrike is going to make it right “for the victims of the incident by making them whole … and create accountability for the space in the future,” Meyers demurred, pointing instead to the fact that 99.9% of systems were up and running soon after the incident.

Regarding what actually happened that day in July, Meyers explained to lawmakers that one of CrowdStrike’s Falcon threat detection configurations — which are sent daily to sensors running on Microsoft Windows devices — contained an extra input for which there was no defined action. This mismatch led the software to follow a configuration without knowing which rules to follow, triggering a malfunction until the problematic configurations were replaced. 

Lawmakers from rural districts highlighted what they framed as a widening digital divide when questioning Meyers about CrowdStrike’s recovery response and the delays suffered by organizations in their regions.

Read more: Reducing the Attack Surface: How Data Breaches Imperil Corporate Networks

State of Cybersecurity

As noted by Meyers during his testimony, advancements in threat detection, prevention and response capabilities have aided defenders in recent years, but adversaries have responded by increasingly adopting and relying on techniques to evade detection. This includes supply chain attacks, insider threats and identity-based attacks. Threat actors’ speed also continues to accelerate as adversaries compress the time between initial entry, lateral movement, and “actions of objective” (like data exfiltration or attack).

At the same time, Meyers added, the rise of generative artificial intelligence (AI) has the potential to lower the barrier of entry for low-skilled adversaries, making it easier to launch attacks that are more sophisticated and state of the art.

“Good AI equals good cybersecurity,” he said. “There’s a wave of horizon threats that pertain to AI.”

Against this backdrop, Craigslist founder Craig Newmark reportedly made a $100 million cybersecurity pledge last week (Sept. 18), saying that the United States is “under attack,” and at risk for hacking by foreign governments.

And elsewhere, Disney reportedly plans to stop using workplace collaboration platform Slack following a recent data breach that exposed sensitive information.

 

MoneyGram Works to Restore Systems After ‘Cybersecurity Issue’
https://www.pymnts.com/cybersecurity/2024/moneygram-works-restore-systems-after-cybersecurity-issue/
Tue, 24 Sep 2024 20:03:28 +0000

MoneyGram said Tuesday (Sept. 24) that it is working “around the clock” to bring its systems back online and resume normal business operations after finding a “cybersecurity issue.”

“We continue to make progress in successfully restoring some of our key transactional systems,” the money transfer company said in a Tuesday post on social platform X.

MoneyGram added in the post that transactions that are currently pending will be made available to customers when all its systems are fully operational.

The post came three days after MoneyGram said it was experiencing a network outage impacting connectivity to some of its systems and was working to better understand the nature and scope of the issue.

“We recognize the importance and urgency of this matter to our customers,” the company said in a Saturday (Sept. 21) post on X.

On Monday (Sept. 23), MoneyGram said it identified a cybersecurity issue affecting some of its systems.

“Upon detection, we immediately launched an investigation and took protective steps to address it, including proactively taking systems offline which impacted network connectivity,” the company said in a Monday post on X. “We are working with leading external cybersecurity experts and coordinating with law enforcement.”

Eighty-two percent of eCommerce merchants experienced a cyber or data breach in the last year, according to the PYMNTS Intelligence report “Fraud Management in Online Transactions.”

Director of National Intelligence Avril Haines told Congress in May that there has been an alarming increase in cyberattacks worldwide and that companies in the United States have emerged as the primary targets for these attacks.

Cyberattacks on city governments, healthcare systems and a sensitive data storage cloud infrastructure were some incidents that happened this summer that reminded businesses that security is critical, PYMNTS reported in June.

Cyberattacks that targeted brands and celebrities on TikTok, lab services provider Synnovis, multi-cloud data warehousing platform Snowflake and others sparked concerns that fraudsters and criminal ransomware gangs may be deliberately targeting businesses whose customers and end users would suffer greatly from ongoing and extended disruptions to business. That way, they could exert more pressure on these organizations to pay a ransom, PYMNTS reported in July.

Craigslist Founder Craig Newmark Says US ‘Under Attack’ From Hackers
https://www.pymnts.com/cybersecurity/2024/craigslist-founder-craig-newmark-says-united-states-under-attack-from-hackers/
Wed, 18 Sep 2024 15:47:24 +0000

Saying the United States is “under attack,” Craigslist founder Craig Newmark reportedly made a $100 million cybersecurity pledge.

Newmark said the country is at risk for hacking by foreign governments, The Wall Street Journal reported Wednesday (Sept. 18). As such, Newmark is donating $50 million to protect infrastructure like power grids against cyberterrorism, and the rest of the money to cybersecurity education.

“The country is under attack,” said Newmark, per the report, adding that workers in the cybersecurity sector “need people to champion them.”

Newmark painted scenarios in which connected products such as household appliances would be attacked and cause simultaneous fires, hindering a fire department’s ability to respond, according to the report.

The pledge is part of a larger plan by Newmark to give away the bulk of his wealth. In addition to the $100 million for cybersecurity, Newmark will have given or pledged more than $400 million since founding Craig Newmark Philanthropies in 2015, the report said.

His efforts to beef up America’s digital defenses come amid a wave of reported security breaches, outages and other cybersecurity incidents.

“2024 is Already the Year of the Cyberattack” read a PYMNTS headline July 4 after high-profile attacks that weakened the country’s healthcare system and automotive sales industry.

Since then, there have been reports of ransomware attacks at the Paris Olympics and the Port of Seattle, as well as a mass outage of IT systems — affecting airports, banks and hospitals — tied to a software glitch at cybersecurity firm CrowdStrike.

Cyber and data breaches are becoming almost unavoidable, and large businesses in the digital landscape will continue to be enticing targets for criminals due to their combination of valuable data, complex systems and the potential for substantial ransom payments.

In interviews for the “What’s Next in Payments” series, executives told PYMNTS that a multilayered security strategy, otherwise known as defense in depth, is vital for lowering risks at various levels. It’s an approach that means employing multiple defensive measures across the enterprise network.

CrowdStrike Subsidiary to Finance Cybersecurity Platform Solutions
https://www.pymnts.com/cybersecurity/2024/crowdstrike-launches-subsidiary-to-provide-financing-solutions-for-cybersecurity-platform/
Tue, 17 Sep 2024 22:08:46 +0000

CrowdStrike has launched a wholly owned subsidiary that will provide tailored financing solutions for its CrowdStrike Falcon cybersecurity platform.

The new CrowdStrike Financial Services aims to facilitate customers’ access to the cybersecurity solution, the company said in a Tuesday (Sept. 17) press release.

“On our mission to stop breaches, we are committed to making every point in the security process frictionless for our customers and partners,” George Kurtz, CEO and founder of CrowdStrike, said in the release.

CrowdStrike Financial Services offers in-house financing with easy-to-understand terms; flexible payments in the form of monthly, quarterly, annual, skip, step and customizable payment structures; and hands-on customer service from financial professionals during the product acquisition and throughout the financial agreement, according to the release.

Customers can use this financing in combination with CrowdStrike’s Falcon Flex, an adaptable licensing model that makes the Falcon platform’s portfolio of modules more accessible to customers by allowing customers to use the modules they need, when they need them, per the release. They can also use the financing in standard licensing models.

“The Falcon Platform consolidates disjointed point products, Falcon Flex provides customers flexibility to deploy what they need, when they need it, and now CrowdStrike Financial Services transforms the financing experience by offering seamless and flexible options for adopting the Falcon platform,” Kurtz said in the release.

Embedded finance is increasingly being adopted in the business-to-business (B2B) landscape, PYMNTS reported in July. For example, nearly 83% of small and mid-sized businesses (SMBs) have said they wanted embedded financial services tied to the platforms they use, according to the PYMNTS Intelligence and American Express collaboration, “End the Wait: SMBs and the Protracted Challenge of Delayed Payments.”

When Qonto added its first in-house financing offer, “Pay later,” to the business finance solutions it offers SMBs and freelancers in March, the company’s CEO and co-founder, Alexandre Prot, said in a press release: “The launch of Pay later brings us one significant step closer to our goal of becoming the business finance solution of choice for 1 million European [SMBs] and freelancers by the end of 2025.”

Qonto was founded in 2016 to facilitate business banking for entrepreneurs and solopreneurs.

Seattle Port Still on ‘High Alert’ Following ‘Fast-Moving’ Cyberattack
https://www.pymnts.com/cybersecurity/2024/seattle-port-still-on-high-alert-following-fast-moving-cyberattack/
Mon, 16 Sep 2024 02:21:20 +0000

The Port of Seattle has provided new details about a ransomware cyberattack last month. 

The “fast-moving” incident on August 24 was carried out by a criminal organization known as Rhysida, the port, which also operates Seattle-Tacoma Airport, said in a news release Friday (Sept. 13).

“Our investigation has determined that the unauthorized actor was able to gain access to certain parts of our computer systems and was able to encrypt access to some data,” the release said.

“We took steps to block further activities including disconnecting our systems from the internet, but unfortunately, the encryption and our response actions hindered some port services including baggage, check-in kiosks, ticketing, Wi-Fi, passenger display boards, the Port of Seattle website, the flySEA app, and reserved parking.”

The port was able to restore most of those systems within a week, though some work is ongoing. The Port of Seattle also refused to pay the cyberattack ransom, which means the hackers could respond by posting stolen data on the dark web.

“Assessment of the data taken is complex and takes time, but we are committed to these efforts and notifying potentially impacted stakeholders as appropriate,” the release said. “In particular, if we identify that the actor obtained employee or passenger personal information, we will carry out our responsibilities to inform them.”

The organization says it has been boosting security through measures like strengthening its identity management and authentication protocols and enhancing its monitoring. The port says it is still on “heightened alert” but adds that it is safe to travel from the airport and use the city’s maritime facilities.

Incidents such as these underscore the fact that traditional cybersecurity solutions, while still critical, “are no longer sufficient to safeguard against sophisticated attacks,” PYMNTS wrote last month when news of the port attack first emerged.

To safeguard critical assets and uphold operational integrity, organizations must combine established best practices with innovative, emerging security measures.

In interviews for PYMNTS’ “What’s Next in Payments” series, executives hammered home the same point: General best practices should be mixed with emerging security solutions, and being proactive is the first step in protecting the perimeter.

“A multilayered security strategy, also known as defense in depth, is essential for mitigating risks at various levels,” PYMNTS wrote. 

“This approach involves implementing multiple defensive measures across the enterprise network, including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and network segmentation. By creating multiple barriers, organizations can prevent or contain breaches before they cause significant damage.”

 

23andMe Paying $30 Million to Settle Data Breach Suit
https://www.pymnts.com/cybersecurity/2024/23andme-reportedly-paying-30-million-to-settle-data-breach-suit/
Sun, 15 Sep 2024 20:25:00 +0000

23andMe will pay $30 million to settle a lawsuit tied to a data breach.

“We have executed a settlement agreement for an aggregate cash payment of $30 million to settle all U.S. claims regarding the 2023 credential stuffing security incident,” the genetics testing company told PYMNTS Sunday (Sept. 15).

“Counsel for the plaintiffs have filed a motion for preliminary approval of this settlement agreement with the court. Roughly $25 million of the settlement and related legal expenses are expected to be covered by cyber insurance coverage. We continue to believe this settlement is in the best interest of 23andMe customers, and we look forward to finalizing the agreement.”

A Reuters report on the settlement notes that the company has agreed to provide three years of security monitoring as a result of the class-action litigation, which accused 23andMe of failing to protect the private information of almost 7 million customers exposed in the breach last year.

The settlement also resolves allegations that 23andMe did not tell customers with Chinese and Ashkenazi Jewish ancestry that a hacker had apparently targeted them specifically, selling their information on the dark web, Reuters added.

According to the report, 23andMe called the settlement fair and reasonable in its own court filing, but also cited its “extremely uncertain financial condition,” in asking the judge to pause arbitrations by tens of thousands of class members, until the settlement is approved or they decide not to participate.

The company revealed the breach in October of last year, about six months after it began. The incident affected almost half of the 14.1 million customers in 23andMe’s database at the time, Reuters said. A hacker accessed 5.5 million DNA Relatives profiles, which allow customers to share information with each other, along with information for another 1.4 million users of a feature called Family Tree.

As PYMNTS wrote last month, large businesses such as 23andMe “will continue to be attractive targets for cybercriminals,” as the “combination of valuable data, complex systems and the potential for significant ransom payments makes them particularly vulnerable.”

Speaking to PYMNTS for interviews for the “What’s Next in Payments” series, executives stressed the need for the multilayered security strategy known as defense in depth to reduce risks at various levels. 

That’s because when an attacker gets access via stolen credentials, the potential for escalation is substantial, with minor disruption quickly spiraling into a full-scale disaster.

“You may not have realized it yet, but they’re going to hit you,” Amount Director of Product Management Garrett Laird told PYMNTS. “The fraudsters are jerks — and they like to hit you on holidays and on weekends, at 2 in the morning.”

Behind the Screens: How Threat Intelligence Keeps Digital Payments Secure
https://www.pymnts.com/cybersecurity/2024/behind-the-screens-how-threat-intelligence-keeps-digital-payments-secure/
Fri, 13 Sep 2024 20:44:45 +0000

It is, by this point in human history, an undoubtedly digital world.

And in the contemporary age, where commerce increasingly happens online and payment systems have become more intertwined with complex technologies, the importance of cybersecurity — and beyond just that, widening the aperture on threat intelligence — has never been more critical.

The news Thursday (Sept. 12) that Mastercard has made a $2.65 billion bet on cybersecurity by acquiring threat intelligence company Recorded Future only serves to put an exclamation point on this emerging fact.

After all, digital payments, ranging from traditional card transactions to emerging instant payment mechanisms, are a vital component of modern economies. However, as the volume of these payments increases, so does the sophistication and frequency of cyber threats targeting this ecosystem.

“If you think about our hyperconnected and interdependent digital world … almost every day that goes by sees the expansion of the digital footprint,” Johan Gerber, executive vice president of security solutions at Mastercard, told PYMNTS in an exclusive interview about the acquisition, which is expected to be finalized by the first quarter of 2025.

Along the way, Gerber added, the lines between cybercrime and fraud are collapsing, as stolen credentials are harvested when a website is breached. The stolen credentials are used for scams and social engineering, and card and other types of fraud are rampant.

Against this backdrop, understanding the risks and developing robust strategies to protect digital payment systems is paramount for businesses, financial institutions, and consumers alike.

Read more: Aligning Payments and Data Operations With Compliance and Cyber Risks 

Threat Intelligence as a Guardrail for Digital Payment Systems

The digital payments landscape has evolved rapidly over the past decade. FinTech innovations, mobile payment apps, contactless technologies and more have transformed the way consumers and businesses transact.

With 85% of Generation Z and 82% of millennials preferring contactless digital payments, the demand for these technologies is reshaping the payments industry. According to the PYMNTS Intelligence report, “Tapping Into the Future of Payments,” 91% of Gen Z consumers are adopting digital-first payments, outpacing other age groups.

The benefits of this evolution are clear — convenience, speed and cost-effectiveness. However, as payment methods diversify, they introduce new vulnerabilities. Unlike traditional payment systems that operate within well-defined regulatory and security frameworks, emerging technologies like real-time payments, embedded finance solutions and more often lack the same maturity in terms of security infrastructure. This creates a fertile environment for cybercriminals, who continuously adapt to exploit these emerging weaknesses.

But while the threat landscape is evolving, so too are the tools and strategies designed to combat cyber risks. Threat intelligence, which involves collecting and analyzing data about potential cyber threats, plays a crucial role in preventing, identifying and mitigating attacks. By leveraging threat intelligence, businesses and financial institutions can stay ahead of cybercriminals by anticipating their tactics, techniques and procedures (TTPs).

For example, threat intelligence’s ability to provide real-time insights into emerging threats can identify vulnerabilities like new phishing campaigns targeting payment providers, or detect unusual patterns in transaction data that may indicate fraud. These insights can then be used to update security protocols, strengthen authentication measures or block suspicious activity before it results in significant financial loss.

See also: Guarding the Gate: Cyberattacks Won’t Stop, but Their Fallout Can Be Prevented

Enterprise Cybersecurity: Embracing a Dynamic Approach

Per Recorded Future’s site, threat intelligence can be broadly categorized into four main types: tactical threat intelligence, operational threat Intelligence, strategic threat Intelligence and technical threat Intelligence.

Tactical threat Intelligence focuses on the immediate TTPs used by cybercriminals in attacks. It includes details such as malware signatures, phishing methods or known vulnerabilities. This type of intelligence is short-term and helps cybersecurity teams quickly detect and respond to threats.

Operational threat Intelligence provides insights into specific cyberattacks, including details on the nature, timing and motivation behind the threats. This intelligence is often gathered from past incidents and helps organizations understand the context and potential impact of current or future attacks, enabling better incident response planning.

Strategic threat intelligence offers a broader, long-term view of the threat landscape, focusing on trends, emerging risks and geopolitical or market factors that could influence cyber threats. This type of intelligence is used by high-level decision-makers to inform security strategy, policy and resource allocation.

And finally, technical threat intelligence involves the collection of technical indicators of compromise (IoCs), such as IP addresses, domains, and file hashes associated with malicious activity. This intelligence is highly technical and used by security professionals to configure defense systems, block malicious traffic or prevent specific attacks.

Aligning Payments and Data Operations With Compliance and Cyber Risks
https://www.pymnts.com/cybersecurity/2024/aligning-payments-and-data-operations-with-compliance-and-cyber-risks/
Thu, 12 Sep 2024 14:56:57 +0000

As businesses move online and data becomes a critical asset, organizations must navigate a minefield of potential threats.

And with the news Thursday (Sept. 12) that Lehigh Valley Health Network (LVHN), one of the largest primary care groups in Pennsylvania, has paid a $65 million settlement to patients impacted by a breach that saw their sensitive personal information stolen by a criminal ransomware gang, socializing best practices across the entire organization and fostering a culture of security is top of mind for firms across sectors — particularly for leaders like chief information security officers (CISOs).

After all, as cyber events become not just a bug but a feature of business operations, the need for effectively communicating cyber-risk to internal leadership teams and C-suite colleagues has never been more pressing.

Particularly as businesses in critical sectors like financial services move to adopt innovations like real-time payments, mobile wallets and other advances, the potential points of vulnerability multiply. Cybercriminals are no longer just focused on hacking networks; they are targeting payment ecosystems that contain sensitive data, including customer payment credentials, transaction histories, and personally identifiable information (PII).

PYMNTS Intelligence finds that just 57% of Americans trust financial institutions (FIs) to protect their data.

To manage today’s risks, as well as protect against tomorrow’s, organizations need a holistic approach to payments and data security that integrates compliance into everyday operations.


The Evolving Landscape of Payments and Cybersecurity

Aligning payments and data operations with cybersecurity efforts is an intricate process, largely because these functions traditionally existed and operated in silos. Payment teams often focus on transaction speed, efficiency and customer experience, while cybersecurity teams concentrate on risk mitigation and data protection. But this fragmented approach weakens the company’s defense mechanisms, and failing to integrate these priorities can lead to vulnerabilities that cybercriminals exploit.

Modern consumers and businesses expect payments to be instantaneous, but real-time payment systems come with real-time cyber risks. Striking a balance between the need for speed and stringent security measures is crucial. CISOs must work closely with payment teams to ensure that cybersecurity protocols do not hamper operational efficiency while maintaining robust security standards.

The cyber threat landscape is in constant flux, with ransomware attacks, phishing schemes and fraud evolving rapidly. Payment systems are particularly attractive to cybercriminals because they are gateways to financial gain. Payment fraud, business email compromise (BEC) and identity theft are becoming increasingly sophisticated, forcing CISOs to be agile and proactive in their approach.

“Security events and security alerts are something we deal with every single minute of every day,” David Drossman, chief information security officer at The Clearing House (TCH), told PYMNTS for the series, “What’s Next in Payments: Protecting the Perimeter.”

“The key for us is to make sure that none of those events or alerts become incidents or major crises,” Drossman said.

Research from PYMNTS Intelligence has shown that virtual cards and digital spend management solutions can help finance departments close the books faster while guarding against fraud.


Socializing Best Practices Across the Organization

In separate interviews for the “What’s Next in Payments” series, executives also stressed to PYMNTS that a multilayered security strategy, also known as defense in depth, is crucial for reducing risks at various levels. This approach means implementing multiple defensive measures across the enterprise network.

One of those key defensive layers is increasingly the digitizing of legacy and paper-based payment workflows. With workflows digitized, businesses are able to turn to artificial intelligence (AI) and machine learning (ML) technologies to detect anomalies in payment transactions in real time. These systems can analyze vast amounts of data to identify unusual patterns that may indicate fraud or cyberattacks.

For instance, AI can monitor payment systems for irregularities, such as unauthorized access attempts or unusual transaction patterns, and automatically flag them for further investigation. This proactive approach strengthens the organization’s ability to defend against emerging threats.

At the same time, CISOs need the backing of the C-suite to drive a company-wide focus on cybersecurity and compliance. Engaging leadership through regular reporting on security metrics, potential risks, and the financial implications of non-compliance can help secure the necessary resources and buy-in from decision-makers.

Telegram’s Criminal Use Spotlighted After CEO’s Arrest
https://www.pymnts.com/cybersecurity/2024/telegrams-criminal-use-spotlighted-after-ceos-arrest/
Mon, 09 Sep 2024 00:03:56 +0000

The recent arrest of Telegram’s CEO has put the platform’s criminal connections in the spotlight.

The messaging app has become the “premiere” platform for people seeking weapons, stolen data, illegal drugs and child sexual abuse material, the Wall Street Journal reported Sunday (Sept. 8), citing interviews with law-enforcement officials and cybercrime researchers.

The report notes that the platform — which combines messaging and social networking — is easy to use, claims it has never revealed user data to any third party, and has a “laissez-faire approach” to content moderation.

Last month, authorities in France arrested Pavel Durov, the Russian-born billionaire who founded Telegram, charging him with complicity in distributing child pornography, illegal drugs and hacking software on the app, as well as with refusing to cooperate with investigations into illegal activity on the platform.

The company issued a statement saying it abides by European laws, including the Digital Services Act, and that its moderation is in keeping with industry standards.

“It is absurd to claim that a platform or its owner are responsible for abuse of that platform,” the company wrote on X. “Almost a billion users globally use Telegram as means of communication and as a source of vital information. We’re awaiting a prompt resolution of this situation. Telegram is with you all.”

Durov told the WSJ that while Telegram wasn’t perfect it was not a “sort of anarchic paradise,” adding that the company was willing to hold dialogue with regulators.

The report — citing chat records and researchers — says that drug traffickers, pedophile rings and identity thieves use Telegram as a “shop window” to sell their wares, with one channel advertising a stream of passports, ID cards and selfies that fraudsters could use to open bogus bank accounts. This channel was removed when the WSJ questioned Telegram for the article.

PYMNTS examined the ease with which criminals can steal a person’s identity earlier this year in a conversation with Bryan Lewis, CEO of Intellicheck. The raw materials are surprisingly cheap. Criminals and crime rings can purchase names, addresses, Social Security numbers and emails for $30 to $40.

At the same time, Lewis noted, treating everyone like a criminal is bad for business. The key, he added, is to let people prove their identities in the simplest way.

“If you can tell that a government-issued ID is real, that’s the most important step,” Lewis said. “After that, you can use the face or something else, because now we’ve tied a face or voice to an identity — and you can create an immutable token.”
