This spotlight delivers an overview of the latest cyber risks impacting the sector generally, including recent incidents and emerging threat vectors. We also highlight our insurance solutions that can address the cyber vulnerabilities faced by financial institutions. Use our insights to enhance your organisation’s cyber risk management approach.
What cyber incidents have we seen from the financial institutions industry?
In February 2024, a large international insurer disclosed that it experienced a data breach impacting over 2.5 million individuals. The company reported that attackers gained access to user accounts[EM1] of employees and contractors, as well as company administrative user data stored on the compromised systems.
The breach was discovered in February, prompting the company to trigger its incident response plan. An investigation was conducted with the assistance of external experts. As a result, the company is offering two years of free credit monitoring services to the affected individuals.
Read more here keyboard_arrow_right
An American bank reported a ransomware attack targeting systems of one of their service providers. The attack affected over 55 thousand individuals. Reportedly, the breach involved unauthorised access to personal data, including account numbers and credit card information. The bank notified the customers approximately 90 days after the breach, potentially failing to meet timeframes indicated by the data breach notification laws.
Read more here keyboard_arrow_right
In May 2024, the bank identified that some of its systems were not working properly. Following internal investigation, the bank learned that this was due to unauthorised activity caused by an employee clicking on a malicious link. When the bank refused to pay ransom, the criminals leaked the data they got access to. The bank engaged with cybersecurity specialists, initiated its incident response process and stopped the attack. External specialists helped to investigate the cause and extent of the event and restore bank’s services.
Read more here keyboard_arrow_right
The credit union reported a serious security incident leading to the unavailability of its services, including online banking, mobile app, direct deposits, transfers and card transactions. It has been reported that the incident impacted over half a million of the credit union members. The credit union reported that the event had been caused by a ransomware attack that ultimately required them to proactively shut down some of its banking systems in order to contain and remediate the issue. As part of their response to the incident, the union established a website informing about their security updates, as well as a dedicated call centre and offered two-year complimentary credit monitoring service to the affected individuals.
Read more here keyboard_arrow_right