Cybersecurity Awareness Month: 5 Top Breaches in the Finance Sector

October is the National Cybersecurity Awareness Month (NCSAM). It is an effort by the government and the industry to reaffirm and raise awareness about cybersecurity. They ensure all Americans have a sound understanding of how cyber breaches occur and affect people, and the resources to be more secure online.

In this tech-infused world, where attackers are constantly evolving their ways, staying safe and protected is an absolute necessity. The list of potential threats that loom over businesses and individuals is growing by the hour, and there is only so much we can do to secure ourselves.

Therefore, throughout October, initiatives such as European Cyber Security Month and Cyber Security Awareness Month (in Canada) are used to raise awareness among the masses to follow cybersecurity protocols and protect their personal, financial, and organizational information.

Top Breaches in the Financial Sector

Here’s a roundup of what happened, why it happened, and the after-effects of the top breaches that impacted the finance industry.

1. Capital One

One of the most significant data breaches ever, the Capital one data breach compromised sensitive data of over 100 Mn customers, including their credit card information.

Paige Thompson is accused of violating one of Capital One’s servers and gaining access to 140,000 Social Security Numbers, 80,000 bank account numbers, and 1 Mn Canadian Social Insurance Numbers, besides an undisclosed amount of people’s addresses, names, credit limits, credit scores, balances, and other data, as per the bank and the US Department of Justice.

The 33-year-old attacker lived in Seattle and previously worked as a tech software engineer with Amazon Web Services, the cloud hosting which Capital One used. She was able to access the information by exploiting a misconfigured web app firewall, according to a court filing.

The breach occurred on March 22 and 23 this year and compromised credit card applications as far back as 2005. The company incurred a cost between $100 Mn and $150 Mn for the hack, including customer notifications, tech costs, credit monitoring, and legal support.

2. Equifax

The Equifax attack happened on July 29, 2017, impacting the personal information, including birthdates, addresses, Social Security Numbers, and driver’s license numbers of 143 Mn customers; credit card data was exposed for 209,000 consumers.

By March 2018, the company had increased the number of impacted customers, bringing the tally to 147.9 Mn. The data breach also included dispute documents with personal identifying information for around 182,000 US customers.

One of the largest credit bureaus in the U.S. was affected by cybersecurity breach because of an application vulnerability on one of their websites that exposed customer records and sensitive information associated with them.

3. First American Financial Corporation 

The Memorial Day weekend saw a rough start for millions of Americans. Security researcher Brian Krebs discovered over 85 Mn sensitive documents exposed online by insurance giant First American Financial. 

The files were stored on the company’s website firstam.com and contained bank statements, bank account numbers, mortgage records, wire transfer receipts, tax documents, Social Security Numbers, and photos of driver’s licenses. The information dated back to 2003 and was available for anyone who knew where to look – without any protection.

It was difficult to gauge the widespread effect of the breach as the information sat leaked on the website. There was no sounding alarm with a clear violation of the companies servers or any evidence that a third-party gained access to their systems without permission. 

Consequently, anyone who stumbles across the link can view the documents and al related ones by merely modifying the link. Therefore, the hacker would only have to identify an authorization error on the website and walk through an open door. It was hard to point out how many people were affected in this case.

4. JP Morgan Chase

The 2014 JPMorgan Chase data breach against the American bank is said to have compromised information associated with over 83 Mn accounts – 76 Mn households and seven Mn small businesses.

A Russian hacker, Andrei Tyurin, was accused of the attack on JPMorgan and about a dozen other companies. The attackers appeared to have got their hands on a list of applications and programs that run on the bank’s computers. They would crosscheck these applications with known vulnerabilities in each web app and program, searching for an entry point into the bank’s systems.

When it comes to an IT infrastructure, complexity breeds threats. The more complex an IT system, the easier it is for attackers to find a vulnerability that was ignored or never detected and exploit it. JPMorgan Chase’s $250M annual cybersecurity budget couldn’t save them this embarrassment.

5. Heartland Payment Systems

Dated March 2008, the Heartland Payment Systems breach compromised the data of 134 Mn credit cards through a SQL injection attack that installed spyware on the company’s data systems.

When the breach happened, Heartland was processing 100M payment card transactions per month for 175,000 merchants- a majority of whom were small and mid-sized retailers. Heartland had to pay out an estimated $145 Mn in compensation for fraudulent payments.

The continuing vulnerability of several web-facing applications makes SQL injection a common form of attack, despite so much awareness around it.

Learn More : How Can Financial Services Combat the Threat of Cybercrime

All of these cybersecurity breaches within the finance sector in the US tell us that payments organizations, banks, and other financial institutions need to be equally aware of the risks and actively take steps to mitigate them. 

With WeSecureApp’s penetration testing services, you can discover the underlying vulnerabilities in your system and take immediate steps to plug them. Talk to us to know our solutions!