One in four breaches in the financial sector are from lost or stolen devices
New research from data protection company Bitglass into breaches in the financial services industry reveals that leaks nearly doubled between 2014 and 2015, and that lost and stolen devices are the most common cause.
While hacking remains a major fear, only one in five leaks were caused by it. Other breaches were the result of unintended disclosures (14 percent), malicious insiders (13 percent), and lost paper records (8.1 percent).
In 2015, 87 breaches were reported in the financial services sector, up from 45 in 2014. In the first half of 2016, 37 US banks have already disclosed breaches. In addition over 60 organizations have suffered recurring breaches in the last decade, including most major banks.
JP Morgan Chase, the largest bank in the US, has suffered recurring breaches since 2007. The biggest, the result of a cyberattack, was widely publicized in 2014 and affected an estimated 76 million US households. Other breaches at JPMorgan were due to lost devices, unintended disclosures, and payment card fraud.
Of the three major credit agencies, the 2015 Experian leak was the largest, affecting 15 million individuals. Equifax has also disclosed several recent breaches, including unauthorized accesses earlier this year that affected hundreds of thousands of individuals.
"Financial institutions are prime targets for hackers and are rightfully concerned about the threat of cyber-attacks, device theft, and malicious insiders," says Nat Kausik, CEO of Bitglass. "To stay one step ahead as data moves beyond the firewall, firms in this sector must encrypt cloud data at rest, control access by contextual risk, and protect data on unmanaged devices".
More detail on the findings is available in the full report which you can get from the Bitglass website.