Lender OneMain fined $4.25 million for cybersecurity lapses

OneMain Financial Group, which specializes in issuing loans to people with “nonprime” credit histories, will pay a $4.25 million penalty in New York state for cybersecurity lapses found during a government investigation. “OneMain failed to effectively manage third-party service provider risk, manage access privileges, and maintain a formal application security development methodology, significantly increasing the

access application application security briefs credit cybersecurity development effectively financial government investigation manage new york party pay people privileges risk security service service provider state third third-party