Security Spotlight: Financial Services Facing Cyberattacks
Blog Article Published: 02/12/2019
By Will Houcheime, Product Marketing Manager, Bitglass
Here are the top cybersecurity stories of recent months:
—Customer information exposed in Bankers Life hack
—American Express India leaves customers defenseless
—Online HSBC accounts breached
—Millions of dollars taken from major Pakistani banks
—U.S. government infrastructure accessed via DJI drones
Customer information exposed in Bankers Life hack
566,000 individuals have been notified that their personal information has been exposed. Unauthorized third parties breached Bankers Life websites by obtaining employee credentials. The hackers were then able to access personal information belonging to applicants and customers; for example, the last four digits of Social Security numbers, full names, addresses, and more.
American Express India leaves customers defenseless
Through an unsecured server, 689,262 American Express India records were found in plain text. Anyone who came across the database housing this information could easily access personally identifiable information (PII) such as customer names, phone numbers, and addresses. The extent of access is not currently known.
Online HSBC accounts breached
HSBC has announced that about 1% of its U.S. customers’ bank accounts have been hacked. The bank has stated that the attackers had access to account numbers, balances, payee details, and more. Naturally, financial details are highly sensitive and must be thoroughly protected.
Millions of dollars taken from major Pakistani banks
According to the Federal Investigation Agency (FIA), almost all of the major Pakistani banks have been affected by a cybersecurity breach. This event exposed the details of over 19,000 debit cards from 22 different banks. This was the biggest cyberattack to ever hit the banking system of Pakistan, resulting in a loss of $2.6 million dollars.
U.S. government infrastructure accessed via DJI drones
Da Jiang Innovations (DJI) was accused of leaking confidential U.S. law enforcement information to the Chinese government. DJI quickly denied the passing of any information to another organization. However, it has since been determined that DJI’s data security was inadequate, and that sensitive information could be easily accessed by unauthorized third parties.
To defend against these threats, financial services firms should adopt a comprehensive security solution like a cloud access security broker (CASB.)
To learn more about the state of security in financial services, download Bitglass' 2018 Financial Breach Report.