Top Five Data Breaches in Finance History

It is no wonder that the financial sector is one of the sectors most targeted by cybercriminals. Put simply, cybercriminals go where the money is. For hackers, financial institutions offer many ways to make money, including fraud, extortion, and theft. Financial institutions store large amounts of sensitive financial data, which means large payouts for hackers trying to line their pockets.

Since finance tops the list of industries most vulnerable to cyberattacks, along with education, energy and healthcare, protecting data should be at the top of every financial institution's list. The purpose of this article is not only to list the seven biggest attacks in financial history, but also to discuss what we can learn from these incidents.

Data leakage Examples

1. First American Financial

According to Forbes, in May 2019 a security researcher and whistleblower reported the largest data breach in the financial sector to date. The breach compromised more than 800 million mortgage records, which included countless innocent people's names, social security numbers, bank account numbers and addresses. The documents found were dated 2003 at the time of discovery. A Fortune 500 mortgage company accidentally scanned these sensitive documents without any protection. In principle, anyone with the link could view the documents.

What can we learn

First American Financial's biggest mistake was not having a plan to proactively protect these sensitive documents. First American had no identity verification, let alone a process to protect that information. There was practically nothing to protect their customers' personal information from hackers. If your organization handles someone else's confidential information, the Federal Trade Commission (FTC) recommends starting with the following five steps:

Take stock: Write down what information you hold and how much of it.
Reduce: Keep only what is necessary.
Lock it down: Protect the information you keep. To do so, encrypt your files, use MFA and password protection, limit employee access, and consider using an external SOC provider for 24/7 monitoring of your digital infrastructure.
Present it: Delete obsolete information that is no longer needed.
Plan ahead: Create a breach response plan.
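
The missing control described above, shown as an added example (it is not First American's code): a document handler that requires an authenticated session and an ownership check, next to one that serves anything whose link is known. The store, session table, document ids and function names are all constructed for illustration.

```python
import secrets

# Constructed sample data: each stored document records its owner.
DOCUMENTS = {
    "doc-1001": {"owner": "alice", "body": "mortgage record A"},
    "doc-1002": {"owner": "bob", "body": "mortgage record B"},
}
SESSIONS = {}   # session token -> authenticated user (hypothetical store)
AUDIT_LOG = []  # denied requests, kept for monitoring


def login(user):
    """Issue an unguessable session token; credential checks are out of scope."""
    token = secrets.token_urlsafe(32)
    SESSIONS[token] = user
    return token


def fetch_unprotected(doc_id):
    """The failure mode on the page: knowing the link is enough."""
    doc = DOCUMENTS.get(doc_id)
    return (200, doc["body"]) if doc else (404, None)


def fetch_protected(doc_id, token):
    """Verify identity first, then verify the caller owns the document."""
    user = SESSIONS.get(token) if token else None
    if user is None:
        AUDIT_LOG.append(("unauthenticated", doc_id))
        return (401, None)
    doc = DOCUMENTS.get(doc_id)
    # Same answer for "does not exist" and "not yours", so a logged-in
    # user cannot learn which document ids are valid.
    if doc is None or doc["owner"] != user:
        AUDIT_LOG.append((user, doc_id))
        return (404, None)
    return (200, doc["body"])
```

Entries in `AUDIT_LOG` are the signal a monitoring team would watch: a burst of denials for many different ids from one user or address indicates someone walking the link space.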

2. Equifax

On September 7, 2017, major credit bureau Equifax reported a breach that affected more than 143 million Americans. The hackers gained access to the data by exploiting a vulnerability in one of the company's web servers. About 209,000 of the stolen documents also contained full credit card numbers. The CVE-2017-5638 vulnerability was apparently overlooked by Equifax, even though a patch to fix this vulnerability had been available for some time.

What can we learn

Like First American, Equifax appeared to have no process to protect customer data. The blame lies with its laxity in tracking newly published CVEs and thoroughly applying their fixes. Keeping up to date with CVE releases is imperative for all businesses to protect valuable data from misuse. Secondly, Equifax should have had a better overview of its entire digital infrastructure. This type of monitoring is available through third-party SOC providers who monitor and notify organizations of security alerts.


3. Heartland Payment Systems

Heartland Payment Systems, which specializes in payment systems and payroll, suffered a data breach in 2008 big enough to make this list. According to Proofpoint, after a two-month search by a team of cybersecurity experts, the culprit for a series of suspicious swipes on Visa and MasterCard was discovered. An SQL injection in 2007 had changed the code on the Heartland login page, giving the hacker access. The breach cost the company more than $200 million. Albert Gonzalez was later charged with the crime and sentenced to 20 years in prison.

What can we learn

Heartland's biggest security mistake was confusing compliance with security. Heartland was PCI DSS compliant at the time of the breach, but the regulations did not protect the company's or its partners' data. Compliance standards get organizations on the right track, but they do not promise absolute certainty. Organizations in the financial sector need additional cybersecurity systems.
The attack also affected Heartland's partners who used their payment processing services. This breach demonstrates the importance of managing supplier risk to protect third parties who may also be at risk.

4. Capital One

A former Amazon employee was convicted over the Capital One breach in 2019, in which the employee used knowledge of vulnerabilities in Capital One's and other companies' cloud servers to steal the personal data of more than 100 million people. The former employee was convicted of wire fraud and five counts of unauthorized access to a secure computer. Capital One was found guilty of breaching security and fined $80 million by the Office of the Comptroller of the Currency. Capital One is expected to pay an additional $190 million as part of a settlement.

What can we learn

This breach would not have occurred if Capital One had better secured its cloud infrastructure. With 90% of US businesses now using the cloud, we recommend that most businesses integrate Cloud Security Posture Management (CSPM) into their cloud security. CSPM provides discovery and visibility into cloud infrastructure resources and security configurations, enabling access to a single source of truth across multi-cloud accounts and environments.

5. J.P. Morgan Chase & Co.

In August 2014, JP Morgan Chase & Co. reported a breach affecting more than 76 million households. The information compromised included their customers' contact details: names, addresses, email addresses, and phone numbers. According to UpGuard, hackers gained access to high-level administrator privileges after JP Morgan's security team failed to implement MFA after upgrading a corporate server.

What can we learn

This breach reminds us that hackers are always quick to pounce on any weakness they see in a company's security. Practicing security processes to maintain cyber hygiene is a critical and essential step in keeping an organization safe.
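
One way to turn that hygiene into a repeatable check, as an added example that is not from the original article or from JP Morgan: audit a server inventory for administrative hosts where MFA is missing, or where it has not been re-verified since the last upgrade. The inventory records, field names and dates are constructed; a real export from a CMDB would take their place.

```python
from datetime import date

# Constructed inventory export: one record per server.
INVENTORY = [
    {"host": "app-01", "admin_access": True, "mfa_enforced": True,
     "last_upgrade": date(2024, 3, 1), "mfa_verified": date(2024, 3, 2)},
    {"host": "db-02", "admin_access": True, "mfa_enforced": False,
     "last_upgrade": date(2024, 2, 10), "mfa_verified": None},
    {"host": "web-03", "admin_access": True, "mfa_enforced": True,
     "last_upgrade": date(2024, 4, 10), "mfa_verified": date(2024, 1, 15)},
    {"host": "kiosk-04", "admin_access": False, "mfa_enforced": False,
     "last_upgrade": date(2024, 1, 5), "mfa_verified": None},
    {"host": "legacy-05", "admin_access": True, "mfa_enforced": True,
     "last_upgrade": date(2023, 11, 20), "mfa_verified": None},
]

# Lower number sorts first: a missing control outranks an unverified one.
SEVERITY = {"MFA_MISSING": 0, "MFA_UNVERIFIED_SINCE_UPGRADE": 1}


def audit_mfa(inventory):
    """Return (findings, coverage) for servers that allow admin logins."""
    findings = []
    admin_hosts = 0
    for srv in inventory:
        if not srv["admin_access"]:
            continue  # no privileged access on this host, out of scope
        admin_hosts += 1
        verified = srv.get("mfa_verified")
        if not srv["mfa_enforced"]:
            findings.append((srv["host"], "MFA_MISSING"))
        elif verified is None or verified < srv["last_upgrade"]:
            # An upgrade can silently reset login settings, so a check
            # that predates the upgrade no longer proves anything.
            findings.append((srv["host"], "MFA_UNVERIFIED_SINCE_UPGRADE"))
    findings.sort(key=lambda f: (SEVERITY[f[1]], f[0]))
    clean = admin_hosts - len(findings)
    coverage = clean / admin_hosts if admin_hosts else 1.0
    return findings, coverage
```

Running this after every change window, rather than on a fixed calendar, is what catches the gap between an upgrade and the next verification.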

To avoid being on one of these lists, leaders must be knowledgeable and accomplished in security issues and provide their organizations with appropriate security solutions and training. A well-trained and well-resourced security team is much more likely to reduce the risks associated with working in the financial sector. For small organizations, consider using a third-party SOC provider to monitor your organization's security.

