Financial Services Report Five-Fold Rise In Data Breaches

Financial services companies reported a five-fold rise in data breaches last year over the year before, as banks remain a lucrative target for hackers.

The sector reported 145 breaches to the Financial Conduct Authority (FCA) last year, up from 25 in 2017.

Investment banks reported the highest number of incidents, at 34, up from only three the previous year.

But retail banks saw the highest increase in percentage terms, from 1 to 25, according to data acquired by law firm RPC via a freedom of information request.

Sensitive data

RPC said hackers could be targeting investment banks in the belief that their security systems are less sophisticated than those of retail banks.

But they may also be seeking data on sensitive topics such as mergers and acquisitions that could be used for insider trading.

US regulator the SEC, for instance, is investigating a number of insider dealing cases linked to data breaches.

Insurers reported 33 breaches in 2018, up from seven in 2017, while consumer retail lending firms saw reports go from four to 21.

Retail investments firms reported 11 in 2018, up from none the previous year.

Regulatory shift

RPC said the higher number of reports was also likely to be due in part to the introduction of the GDPR, which mandates the reporting of data breaches within 72 hours.

In June of last year, for instance, the first full month in which the GDPR was in effect, financial firms filed the highest monthly total of data breach reports, at 20 reports.

RPC’s head of cyber insurance and breach response, Richard Breavington, said banks are a “top target” for hackers.

“The figures suggest that the banks are suffering data breaches on a frequent basis,” he said.

“The increase in reports, however, does show that the financial services industry is now taking cyber security more seriously than ever.”

Last April it emerged that seven UK retail banks, including Santander, Royal Bank of Scotland, Barclays and Tesco Bank, had to limit or shut down systems after sustained attacks, and in October Tesco Bank was fined £16.4 million by the FCA following a 2016 hack in which £2.26m was stolen from current accounts.

RPC’s Breavington said fewer than 100 cybercriminals were prosecuted under the Computer Misuse Act annually, compared to much higher numbers of cyber-crimes being reported across all industries, showing how the area is relatively attractive for hackers.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

So, you want to be a CIO?

The role of the CIO is evolving with more of a focus on revenue and strategy, according to the 2019…

1 day ago

Twitter Demands AI Firm Cease Facial Image Collection

Privacy concern. Cease-and-desist letter from Twitter to AI firm Clearview demands it stop collecting photos from social media platforms

1 day ago

Sonos Boss Apologises For Update Controversy

Sonos CEO says sorry for anger caused by its update policy, and says it will support legacy products “for as…

1 day ago

Apple Cautions EU About Common Charger Push

Apple has cautioned against the renewed EU push for a common mobile charger, warning that losing its Lightning port will…

2 days ago

US Tells UK It Still Has ‘Significant Concerns’ Over Huawei

With a UK decision on Huawei expected by the end of the month, US officials maintain 'significant concerns' about the…

2 days ago

Apple Fixed Tracking Flaws In Safari, But Google Director Disagrees

Google identified multiple privacy flaws in Apple's Safari browser, which the iPad maker said it has fixed, but a Google…

2 days ago