The Unstoppable Rise of Data Breaches in Financial Services

Banks and other financial services globally host some of the world’s most sensitive data. By their very nature, they are required to hold both PII (personally identifiable information) and PCI (payment card industry) data. This includes credit card numbers, birthdates, addresses, phone numbers, credit scores and much more. As a result, these databases are incredibly desirable to cyber criminals, who can use this data for a whole host of purposes.

Past years have seen the number of data breaches and attacks steadily increase, with 2018 seeing a record-breaking number. The number of data breaches reported within the UK by financial service firms increased by 480% in 2018 – this equates to 145 reported data breaches compared to just 25 in 2017.

Credit reporting firm Equifax was one such company that suffered a major breach. The incident saw 400,000 British accounts and a staggering 143 million U.S. accounts compromised, with details including names, social security numbers, email addresses and more being stolen, alongside 209,000 credit card numbers. A major incident like this can have devastating consequences for a business. In this case, multiple lawsuits were filed and the CEO, CIO, and CSO all stepped down.

The top three breaches in 2018 were:

[Image: top three breaches in 2018]


Why is it happening?

Financial services have often built up their cyber security portfolio over the years. However, once they’ve set up the infrastructure, many businesses don’t try to improve or update it. They often misguidedly believe that cyber security the company invested in five or ten years ago is enough to withstand the current threat landscape, unaware that cyber attacks have dramatically evolved since. It is also sometimes believed that migrating cyber security to a new tool or programme might be too much of a headache, with small IT teams unwilling to perform the task single-handedly.

Traditional endpoint and on-premise based tools are sometimes seen as enough to protect data, but this is without factoring in the evolving threats. The traditional office-based firewall is no longer enough to protect organisations, as mobile working takes users out of the office, where they connect to potentially malicious Wi-Fi and face more refined phishing attempts. Many organisations still trust traditional password authentication, but time and time again this is being proved to be an outdated method of securing sensitive data. Alternate authentication methods are essential to ensure an effective security strategy.

What’s changed?

2018 saw the threat landscape shift, with hacking and malware responsible for nearly three-quarters of all breaches within financial services.

This rise in hacking and malware can be attributed to breaches of the past year which have featured the likes of ransomware, cloud crypto-jacking, and highly sophisticated specialised malware. A recent study found that 44% of organisations have at least one cloud app infected with malware.

Many traditional anti-malware tools are incapable of detecting some of the latest malware, leaving systems vulnerable. Cyber-criminal tools have undoubtedly become more sophisticated as their authors learn how to bypass traditional firewalls, with banking Trojan botnets, DDoS (Distributed Denial of Service) and phishing attempts all becoming common methods used in attempts to access data.

One such malware evolution is the Emotet malware. First discovered in 2014, it was originally a banking Trojan which specialised in targeting German and Austrian bank customers in an attempt to steal their credentials. In the last 5 years, it has dramatically evolved to extend its versatility and is now capable of obtaining financial data, emails, browser history, passwords and Bitcoin wallets. In addition, once Emotet infects a device, it adds it to a botnet which uses the device to perform DDoS attacks and send out spam email. This rise from a relatively simple banking Trojan to potentially one of the world’s most dangerous pieces of malware signifies how far cyber attacks have come.

Reliance on cloud and mobile technology is enabling employees to work out of the office and on-the-go. Malicious actors are continuously working to find ways to infiltrate these technologies, and outdated security systems can often be ineffective against them.

What next?

Data breaches can often have devastating consequences for financial services. The possession of such a valuable wealth of information by the sector means that attacks upon such organisations are unlikely to desist.

A data leak can result in heavy fines. The introduction of GDPR by the European Union in 2018 means that, depending on the level of the breach, a company can be fined up to €20 million or 4% of annual global turnover, whichever is higher. And the EU is not the only body capable of fining businesses, with Tesco Bank recently being fined £16.4 million by the FCA for failing to protect against a cyber attack which saw £2.26 million of its customers’ money stolen. Despite the breach itself being relatively small in monetary terms, the bank was subsequently given a fine worth 725% of the value stolen. A much larger breach and equivalent fine could cripple a company.

A data breach also heavily shakes a client’s trust in the company, and loss of trust can mean business is taken elsewhere, alongside the inevitable multitude of lawsuits often filed. A business should not undervalue the cost of insufficiently protecting data, with PII being the most frequently compromised data variety (36%), closely followed by PCI (34%). The breach of such data puts a client greatly at risk of fraud and identity theft, for which the breached business could be held accountable.

The rise in malware is a clear indicator that companies need to refocus their effort on defending their systems and heightening their security. The rise of cloud and BYOD has made users, and subsequently their businesses, more vulnerable to malware as alternate routes into the company become available. The growing number of devices and applications on which the standard user now accesses, stores and processes data creates more opportunities for malware to access and infect the enterprise. It’s essential that businesses invest in cyber security, as the consequences without it can be devastating.

How Can Mobliciti Help?

Mobliciti specialises in cloud services and mobile endpoint security, ensuring that data is kept secure and safe. Our managed services ensure that your secure customer data is protected with the very latest cyber security solutions without compromising the user experience.

To find out more, please get in touch.