Financial data is some of the most sensitive information cybercriminals take advantage of, which leads to devastating consequences for clients who have put their trust in a company that did not have proper security measures.
Businesses should ensure they are compliant with regulations by developing strong policies. They should also carefully examine internal and external security measures to prevent falling victim to an attack.
Here are the finance industry’s five most significant data breaches and what can be learned from them.
First American Financial
On Memorial Day weekend 2019, security researcher Brian Krebs found 885 million documents from First American exposed online. These documents contained highly sensitive information, such as bank account numbers, statements, tax documents, and wire transfer receipts. Millions of customers’ data were free for the taking.
How It Happened
A website design error called Insecure Direct Object Reference allowed the data to leak. This happens when a page is for a specific group of people, but no authentication prohibits anyone who stumbles onto the page from viewing the information.
How to Avoid It
A simple website code error led to millions of sensitive documents that cybercriminals may have accessed. A few things can be done to prevent this from happening:
- Hire skilled web developers and designers that know how to secure any possible links to sensitive pages.
- Implement policies to review website code before it launches to detect authentication errors like what First American faced.
- Set up a data leak monitoring system.
Equifax
This was perhaps the most disastrously handled data breach ever. In September 2017, Equifax informed its customers that cybercriminals accessed 147 million accounts that included documents with names, birthdays, Social Security and credit card numbers, phone numbers, and email addresses.
Equifax had learned of the breach a month earlier but failed to communicate quickly with its customers and ended up with $700 million in fines.
How It Happened
The primary source of blame for this data breach was a hole in its open source developing framework. The breach lasted months partly because the company also failed to renew an encryption certificate for its internal tools.
How to Avoid It
One of the most frustrating things for users about this breach is that it was avoidable.
Maintaining a website’s security programs and regularly applying updates are simple tasks a web development team can do to avoid a situation like this.
Heartland Payment Systems
In 2008, Russian hackers breached Heartland and accessed over 100 million credit and debit card numbers. Albert Gonzales and two unidentified associates were arrested and sentenced to 20 years in prison for the hack.
Soon after, cyber criminals broke in and physically took 11 computers, affecting 2,200 more users.
How It Happened
The hackers spent around six months working their way into Heartland’s system using an SQL injection before installing sniffer software to intercept data.
Afterward, the criminals were able to access the company’s payroll office.
How to Avoid It
A few things caused the Heartland breach:
- Heartland was compliant with required procedures but did not provide enough security to prevent data from being breached. Evaluating and securing their data servers could have helped prevent the hack.
- Heartland’s offices had outer security measures but not internal ones that could have detected the problem when the theft occurred. Inside security systems would have alerted Heartland and possibly stopped the robbery.
Capital One
In March 2019, an Amazon Web Services worker broke into and leaked the information on millions of credit card applications containing Social Security and bank account numbers. Over 100 million users in the United States and Canada were affected.
How It Happened
Paige A. Thompson accessed the server that contained applications submitted as far back as 2005 and leaked the information on GitHub. Her lack of subtlety led to her quick capture, but the damage was done.
How to Avoid It
Thompson accessed the cloud due to insecure firewalls. Using protection such as an attack surface monitoring software can help identify vulnerabilities.
JPMorgan Chase
Cyberattackers in Brazil accessed 90 servers with personal customer information.
The attackers avoided taking the available financial information and grabbed contact information from 83 million personal and business accounts.
How It Happened
The attackers breached the perimeter through a security vulnerability and gave themselves administrative privileges to access the information, like names, login info, phone numbers, and email addresses.
How to Avoid It
A simple cybersecurity error caused this breach. When JPMorgan upgraded one of its servers, it failed to implement secure authentication. Companies should secure their servers after upgrading to prevent this.
Avoiding Data Breaches
These companies are still being impacted by their data breaches. It’s worth spending the time and money to have a quality team that can secure customer information and fixes any weaknesses.
