Bitglass report reveals the leaky truth of financial services in 2019

Cloud Security firm Bitglass has released a new financial data focused report uncovering more than 60% of all leaked records in 2019 were exposed by financial services organisations.

The 2019 Financial Breach Report: The Financial Matrix studies the latest trends, data breaches, and top threats facing the financial industry.

“Given that organisations in the financial services industry are entrusted with highly valuable, personally identifiable information (PII), they represent an attractive target for cybercriminals,” noted Anurag Kahol, CTO of Bitglass. 

Although only 6% of all breaches in 2019 were suffered by financial services firms, the leaked records issue would be deemed quite worrying for consumers.

However, Bitglass states this figure is ‘partially due to the Capital One mega breach’ which saw over 100 million records breached.

Capital One confirmed that customer names, physical and email addresses, phone numbers and dates of birth were among the data that the hacker downloaded, as were credit scores. No account numbers or log-in credentials were exposed. 

The study explained that due to the value of PII average breaches in financial services companies still tend to be larger and more detrimental than other sectors’ breaches, however they are less often. 

Bitglass believes many financial services organisations are still leaving themselves vulnerable to attacks because of the lack of cybersecurity for modern day instances such as cloud-based processes and the emerging bring-your-own-device (BYOD) environment.

“Hacking and malware are leading the charge against financial services and the costs associated with breaches are growing,” continued Kahol. 

“Financial services organisations must get a handle on data breaches and adopt a proactive security strategy if they are to properly protect data from an evolving variety of threats.”

Other key findings from the report include: 

  • Hacking and Malware remain the primary cause of data breaches in financial services at 74.5% (up slightly from 73.5% in 2018). 
  • Insider Threats grew from 2.9% in 2018 to 5.5% today, while Accidental Disclosures increased from 14.7% to 18.2%.
  • The cost per average breached record in financial services ($210) has increased over the last few years and exceeds the per-breached-record cost of all other industries except healthcare ($429).
  • For mega breaches, which affect approximately 100M or more individuals, the cost per breached record in financial services is now $388 – up from $350 in 2018.
  • The top three breaches of financial services firms in 2019 were suffered by Capital One Financial Corporation (106 million individuals), Centerstone Insurance and Financial Services (111,589), and Nassau Educators Federal Credit Union (86,773).