Financial Services data breaches have risen by 480%
According to recent research, UK financial services firms reported a whopping 480% more data breaches in 2018 than in 2017. And, in the sector, retail banking saw the most substantial rise in the number of data breach reports, jumping a staggering 2400%.
But why are we seeing this increase?
Financial data breaches are on the rise
Hacking is now big business and organisations that hold financial data are a particularly lucrative target. For example:
- Last year, Tesco Bank was fined £16.4m after a 2016 cyber-attack that saw £2.26m taken from personal current accounts
- Over £500m was stolen from British banking customers in the first half of 2018
- In 2018, seven UK retail banks, including Santander, Royal Bank of Scotland, Barclays and Tesco Bank suffered sustained attacks that cost them hundreds of thousands of pounds.
But in many cases, its human error rather than cybercrime that is the biggest cause of financial data breaches. And, these errors are just as likely to happen offline. In a recent case, our solicitors saw the impact of what can happen when a person's financial information was sent to the wrong address by mistake.
Cybercriminals are becoming increasingly sophisticated
While the majority of attackers are still going after easy "low-hanging fruit" there are signs that cybercriminals are becoming increasingly sophisticated.
For example, AI-assisted imposters are set to become an increased threat. With machine-learning helping to make existing cyber-attack efforts like identity theft, denial-of-service attacks and password cracking faster, more formidable, and more effective.
Furthermore, as we move deeper and deeper into the Internet of Things (IoT), more and more devices and data are going to be connected to the internet. Keeping these safe from hackers is going to be an ongoing challenge.
Self-reporting has increased
The General Data Protection Regulation (GDPR), now requires organisations to report data breaches within 72 hours or face penalties. This is also likely to be a critical factor in the increase of reports. It is also probable that we will continue to see a dramatic increase in data breach reports now that self-reporting is mandatory.
On a positive note, some experts suggest that businesses are getting better at identifying and reporting cyberattacks. And if the financial services industry is now taking cybersecurity more seriously, this can only be a good thing for customers.
Awareness is crucial
At Hayes Connor, we believe that raising awareness of the growing cybersecurity threat will help organisations across the UK improve their data protection processes. But it's also vital that we all do our bit to protect ourselves as individuals.
When it comes to protecting yourself from financial fraud, UK Finance offers the following advice:
- Never disclose security details, such as your PIN or full banking password
- Don't assume an email, text or phone call is authentic
- Don't be rushed - a genuine organisation won't mind waiting
- Listen to your instincts - you know if something doesn't feel right
- Stay in control - don't panic and make a decision you'll regret.
In addition, we would suggest that you also:
- Keep an eye on your bank and credit card statements to see if there is anything you don't recognise
- Make sure you read your credit card statements and other letters that come from your bank
If your identity has been stolen, you should:
- Contact your bank/credit card provider immediately
- Consider a credit freeze until the matter is resolved
- Report the scam to the police and contact Action Fraud for advice on what to do next
- Let the credit reference agencies know of any activity that was not down to you
- Register with the Cifas protective registration service. This will slow down credit applications made in your name with additional verification checks made to ascertain that the applicant is actually you.
For more advice on how to keep your data safe, follow us on Twitter and Facebook. Alternatively, if you have been the victim of a data breach or cyber fraud,find out how we can help you to recover any lossesor give us a call our helpline numberto discuss your case in more depth.