State of financial breaches – new report

Next-Gen Cloud Security company Bitglass has released its 2019 Financial Breach Report: The Financial Matrix, which analyses the latest trends, the biggest breaches, and the top threats facing financial services organisations.

This year’s study found that while only 6pc of all breaches in 2019 were suffered by financial services firms, these breaches compromised significantly more records than those that occurred in other industries.

In total, more than 60pc of all leaked records in 2019 were exposed by financial services organisations. This is at least partially due to the Capital One mega breach, which compromised more than 100 million records. Despite this outlier, average breaches in financial services companies still tend to be larger and more detrimental than other sectors’ breaches. Fortunately, they do occur less often.

“Given that organisations in the financial services industry are entrusted with highly valuable, personally identifiable information (PII), they represent an attractive target for cyber criminals,” said Anurag Kahol, CTO of Bitglass.

“Hacking and malware are leading the charge against financial services and the costs associated with breaches are growing. Financial services organisations must get a handle on data breaches and adopt a proactive security strategy if they are to properly protect data from an evolving variety of threats.”

Key Findings
● Hacking and Malware remain the primary cause of data breaches in financial services at 74.5pc (up slightly from 73.5pc in 2018). Insider Threats grew from 2.9pc in 2018 to 5.5pc today, while Accidental Disclosures increased from 14.7pc to 18.2pc.
● The cost per average breached record in financial services ($210) has increased over the last few years and exceeds the per-breached-record cost of all other industries except healthcare ($US429).
● For mega breaches, which affect approximately 100 million or more individuals, the cost per breached record in financial services is now $388 – up from $350 in 2018.
● Many financial services organisations are still not taking proper steps to secure data in the modern cloud and BYOD environment. Consequently they are suffering from recurring breaches. For example, Capital One and Discover each experienced their fourth significant data breach in 2019.
● The top three breaches of financial services firms in 2019 were suffered by Capital One Financial Corporation (106 million individuals), Centerstone Insurance and Financial Services (111,589), and Nassau Educators Federal Credit Union (86,773).