5 Recent Big Cyberattacks and What Financial Companies Need to Know about Protecting their Data

5 Recent Big Cyberattacks and What Financial Companies Need to Know about Protecting their Data

While maintaining a business website is important, you owe it to your clients to ensure, first and foremost, that their data is safe from harm. Cyberattacks run rampant across the internet, and hackers target large and small businesses alike. For example, in 2014, an attack on JPMorgan Chase affected almost 80 million homes, and in 2013, another attack on Target cost the company upwards of $60 million. While cybercrime isn’t new, the number of businesses targeted by attackers is on the rise.

For many online criminals, the focus is on financial companies, although any business with access to consumers’ financial information is also a potential target. Read on to learn more – including what your own financial company can do to protect itself.

5 of the Biggest Cyberattacks in Recent History

1. Home Depot

Cyberattacks tend to have one season in common: the winter holidays. With Black Friday and the subsequent weeks of holiday shopping, corporations all over the world are more susceptible than ever to cybercrime.

This was certainly the case for Home Depot during the 2014 holiday season. By falsifying their identity as a company vendor, the attackers accessed over 50 million credit and debit card numbers that were processed through the store’s self-checkout lanes.

2. Sony

In November of 2014, a massive attack cleared multiple internal centers of all their data. Stolen items included Social Security information, film contracts, salary documentation, budgets, and entire feature films. Famously, this attack resulted in Sony Pictures’ canceling the release of The Interview, which led President Obama and national security officials to believe that North Korea was at fault.

3. Forbes

Forbes was subject to multiple cyberattacks in 2014. The first took place in February, when the Syrian Electronic Army used phishing attacks to target administrators’ accounts. The criminals posted fake news stories and threatened to sell 1 million users’ information – and then announced themselves on Twitter as the culprits. The Syrian Electronic Army has stated that the attacks on Forbes aren’t over.

In November of 2014, Forbes was targeted again – this time (allegedly) by a Chinese group of hackers. This breach was much smaller in comparison, but it specifically targeted Forbes users who worked for financial institutions.

4. Target

Target was the victim of one of the biggest data breaches in history in December of 2013. Hackers stole credit and debit card information belonging to more than 40 million customers, in addition to over 70 million individual email and mailing addresses. As with the Home Depot attack, the hackers used company vendors’ information to access the data.

The hack job was actually quite simple, according to Bloomberg analysts. Target had set up a huge malware detection tool called FireEye, which was developed by the CIA and operated out of Bangalore. As the hackers’ malware began stealing customers’ credit card numbers, the FireEye alerted the Bangalore-based technicians, who then sent the warning to Target’s Minneapolis-based security team.

Unfortunately, that’s where the security lines ended, and after Target received the warnings, the company stood by as hackers siphoned off tens of millions of people’s personal information.

5. JP Morgan Chase & Co.

During the summer of 2014, a massive attack on JP Morgan Chase by a group of Russian hackers took place. Over 83 million households that used the megabank’s services were targeted, but the reason for the breach has not been made clear because no evidence was ever posted of identity theft.

For the most part, the bank was able to halt the attack before any critical data was compromised. However, the fact that JP Morgan Chase is the nation’s largest financial institution definitely left consumers with concerns about their most sensitive data.

How to Protect Your Financial Company’s Data

Before implementing any major internal changes around data protection, experts advise conducting a risk assessment, which will allow you to figure out your financial company’s precise weak points and determine next steps. Regardless of your status, make sure your software and IT systems are equipped to handle today’s cybersecurity threats in a mobile-first, cloud and data intensive world. CIOs and CSOs need to think beyond existing legacy solutions and methods – everything is now different with this paradigm shift.  The forward-thinking approach for financial firms is to focus on how to secure the actual data everywhere and anywhere.  Data protection should be designed, starting at the data itself and moving outwards with additional security layers. It’s important to take any necessary steps for keeping your data safe from harm, not just your networks – this includes any and all access points such as your website, mobile applications, data storage and employee communications.