Financial services breaches triple since 2016

Broken piggy bank

2018 has seen nearly three times as many breaches at financial services organizations as there were in 2016, according to a new report.

The study by cloud access security broker Bitglass finds there have been 103 breaches in this year’s report compared to just 37 two years ago.


Hacking and malware were responsible for nearly three quarters (73.5 percent) of all breaches in 2018. This is a massive increase over previous years, when they were responsible for 20 percent -- just behind the leader, lost and stolen devices, which caused 25 percent of breaches.

The top three financial services breaches in 2018 each exposed more records than the sum total of all breaches in Bitglass' 2016 report. This suggests not only that breaches are becoming more frequent, but that they are growing in scale too. The top three breaches in 2018 were SunTrust Banks (with 1.5 million records exposed) Guaranteed Rate (188,000 records exposed), and RBC Royal Bank (66,000 records exposed). In 2016, the total of all breached records was only 64,512.

Noteworthy threats to financial firms in 2018 include cloud cryptojacking, ransomware-as-a-service platforms, modular banking trojans like Emotet, and ransomware like WannaCry. The cloud remains a risk too, with 44 percent of organizations having malware in at least one of their cloud apps.

"Financial organizations regularly handle sensitive, regulated data like home addresses, bank statements, and Social Security numbers," says Rich Campagna, CMO of Bitglass. "This type of information is an incredibly attractive target for criminals, meaning that financial services firms need to be highly vigilant when it comes to cybersecurity. Failing to protect data and reach regulatory compliance can spell disaster for any company."

You can find out more in the full report which is available from the Bitglass website.

Image Credit: Rob Byron / Shutterstock

Comments are closed.

© 1998-2022 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.