The number of breaches reported by financial institutions has increased dramatically:
“The number of data breaches reported by UK financial services firms to the Financial Conduct Authority (FCA) increased 480% in 2018, to 145 up from just 25 in 2017*, shows research from RPC, the City-headquartered law firm
Hackers target industries that possess the most data. Financial services, along with sectors such as healthcare, are the obvious targets.
Data breaches are on the rise. And, the financial services sector is an especially lucrative target; along with the personal data bulging healthcare sector.
In the financial services sector, the retail banking sector saw the largest percentage increase in the number of data breach reports, rising to 25 in 2018 from only one in 2017.
This should raise concerns about the number of cyber criminals targeting bank accounts. Tesco Bank, for example, was fined £16.4m by the FCA in October 2018 as a result of a cyber attack that led to £2.26m being taken from personal current accounts**.
On the other side, RPC has revealed that wholesale financial markets firms–such as investment banks–reported the most data breaches to the FCA in 2018: 34 compared to just three in 2017.”
Almost certainly this increase in reporting is associated with GDPR mandated reporting requirements more than it is with a fourfold increase in successful hacks, suggesting breaches were often buried by the target institution:
“June 2018, the first month after the introduction of the General Data Protection Regulation (GDPR), saw the highest monthly total of data breach reports, with 20 data breaches reported by financial services firms. ”
No matter how one looks at these numbers it is clear financial institutions need to increase their focus and spending on IT in order to establish better defenses.
Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group
