OneMain Financial Group LLC agreed to a $4.25 million settlement with New York regulators for failing to have sufficient cybersecurity protocols in place.
The New York Department of Financial Services said Thursday that OneMain, a lender focusing on nonprime consumers, violated the state’s rigorous cybersecurity regulations, resulting in third-party vendors and the company itself exposing consumers’ personal financial information.
“We are pleased to have resolved this historical matter relating primarily to a past examination of our policies from 2017 to early 2020, which the company has long since addressed,” Evansville, Ind.-based OneMain said in a statement.
Among the violations listed ...