Dive Brief:
- The financial services industry contributed 62% of exposed data in 2019, though it accounted for only 6.5% of data breaches, according to a Bitglass report, compiled from data by the Identity Theft Resource Center (ITRC) and the Ponemon Institute.
- Capital One was a leading contributor to the total amount of compromised data this year, following its data breach announced in July. The bank hadn't suffered a breach since 2014. American Express and SunTrust Bank have suffered the most breaches since 2009 and 2010, with five breaches each.
- Across industries, financial services has the second-highest cost per breached record, behind healthcare. In financial services, an average breach costs $210 per record, while a "mega breach," like Capital One's, can cost up to $388 per record. In healthcare a breach can cost $429 per compromised record, according to the report.
Dive Insight:
Data breaches are forcing companies to harmonize security and privacy practices.
California's privacy law is about a week away from enactment, and, like the General Data Protection Regulation (GDPR), it gives consumers a right of action following a data breach. The California Consumer Privacy Act also affords companies a 30-day grace period to correct their violations.
Banks face higher expectations for fast breach response than other companies, reports Banking Dive. Two-thirds of consumers would stop doing business with a bank if its breach response was slow or ineffective.
Less than one-fifth of companies feel confident they can inform privacy regulators of a breach within 72 hours, according to data from Ponemon Institute and McDermott Will & Emery.
Capital One disclosed its breach within days of discovering unauthorized access to its network. A misconfigured web application firewall (WAF) led to the 106 million-person breach.
Hackers have an abundance of WAF flaws to choose from and exploit, but security flaws don't always lead to "reportable breaches" under privacy regulations. Unavailable systems or inappropriate security use don't fall under the purview of breaches worthy of reporting, according to Ponemon Institute.