DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Lost and Stolen Devices Account for One in Four Breaches in the Financial Services Sector: Bitglass

Posted on August 25, 2016 by Dissent

A press release about the financial sector that may be of interest to some readers:

CAMPBELL, CA–(Marketwired – Aug 25, 2016) – Bitglass, the total data protection company, today announced the availability of its Financial Services breach report, an analysis of all breaches in the sector since 2006, with data aggregated from public databases and government mandated disclosures. The report reveals that leaks nearly doubled between 2014 and 2015, a growth trend on track to continue in 2016. The nation’s largest banks have all suffered leaks at some point in the recent past. In the first half of 2016 alone, five of the nation’s top 20 banks disclosed breaches.

The report also explores the most common causes of data leaks in the sector. Led by lost and stolen devices at 25.3 percent of breach events, financial services organizations appear to struggle with data protection on managed and unmanaged devices. While hacking accounted for a disproportionate number of individuals affected by financial services breaches, only one in five leaks were caused by hacking. Other breaches were the result of unintended disclosures, malicious insiders, and lost paper records.

“Financial institutions are prime targets for hackers and are rightfully concerned about the threat of cyber-attacks, device theft, and malicious insiders,” said Nat Kausik, CEO of Bitglass. “To stay one step ahead as data moves beyond the firewall, firms in this sector must encrypt cloud data at rest, control access by contextual risk, and protect data on unmanaged devices.”

Key findings:

  • One in four breaches in the financial services sector over the last several years were due to lost or stolen devices, one in five were the result of hacking. Fourteen percent of leaks can be attributed to unintended disclosures and 13 percent to malicious insiders.
  • Five of the nation’s 20 largest banks have already suffered data breaches in the first half of 2016.
  • In 2015, 87 breaches were reported in the financial services sector, up from 45 in 2014. In the first half of 2016, 37 banks have already disclosed breaches.
  • Over 60 organizations suffered recurring breaches in the last decade, including most major banks.
  • JP Morgan Chase, the nation’s largest bank, has suffered recurring breaches since 2007. The largest breach event, the result of a cyberattack, was widely publicized in 2014 and affected an estimated 76 million U.S. households. Other breaches at JPMorgan were due to lost devices, unintended disclosures, and payment card fraud.
  • Of the three major credit bureaus, the 2015 Experian leak was the largest, affecting 15 million individuals. Equifax has also disclosed several recent breaches, including unauthorized accesses earlier this year that affected hundreds of thousands of individuals.

Download the full report: bitglass.com/financial-breaches-2016

Category: Commentaries and AnalysesFinancial Sector

Post navigation

← UK: Four arrests after private details of vulnerable residents are ‘stolen’ from Camden Council
AU: Foster care privacy breaches span more than a decade →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • Class action settlement following ransomware attack will cost Fred Hutchinson Cancer Center about $52 million
  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up
  • U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
  • Victoria’s Secret takes down website after security incident
  • U.S. Government Employee Arrested for Attempting to Provide Classified Information to Foreign Government
  • St. Cloud Provides Update on Ransomware Attack in 2024
  • Bradford Health Systems detected abnormal network activity in December 2023. They first sent out breach notices this week.

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans
  • The US Is Storing Migrant Children’s DNA in a Criminal Database

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.