According to our 2018 Year-End Breach Report, a total of 135 financial, credit and banking records were breached last year, exposing 1,709,013 records. According to the report, the banking/credit/finance sector had the third-highest number of data breaches across five industry categories, followed by the Identity Theft Resource Center. Of all data breaches recorded in 2018, hacking was the most common form of data breach. This trend was observed in our 10,000 Consecutive Data Breaches blog series and continues to play a significant role in financial, credit, and banking data breaches.
Sign up for our monthly ITRC Breach newsletter for more information on these data breaches.
This is one of the many reasons the ITRC has been working since 1999 to provide victims of financial, credit and bank identity theft with the resources they need to solve their cases. This includes helping people to proactively reduce their risk of becoming a victim of identity theft. Since 2005, the ITRC has recorded more than 10,000 publicly disclosed data breaches in its aggregate monthly and year-end reports.
Last month we looked at some of the biggest data breaches by government and military. We now focus on the five most serious financial, credit, banking (and bonus) breaches for consumers.
First capital
Just three months ago, on July 29, 2019, Capital One announced that a hacker had accessed 100 million Capital One customer accounts in the United States and six million in Canada in March 2019 and requested their credit card. a data breach that exposed names, addresses, dates of birth, email addresses, credit ratings, credit limits, payment histories, and balances. Around 140,000 Social Security Numbers (SSN) and 80,000 linked bank account numbers were also exposed.At the time of the breach, the ITRC urged consumers to take action, freeze credit, monitor fraud and document any action taken in the event of a breach (using our Identity Theft Assist app as the sole tool). This breach was particularly serious due to the large number of social security numbers and bank accounts exposed and the gargantuan number of accounts accessed. A stolen social security number can lead to many types of identity theft, including financial, government, criminal, medical, and fraudulent.
JPMorgan Chase & Co.
First reported August 2014, JPMorgan Chase & Co.suffered a cyberattack that gave hackers access to the personal information of 76 million households and 7 million small businesses. The information obtained included names, addresses, phone numbers, email addresses and internal JPMorgan Chase & Co. information about these users. Customers affected by this violation include those who have used Chase.com, JP Morgan Online, Chase Mobile and JP Morgan Mobile.This affected many of JPMorgan Chase & Co.'s customers, as in many states JPMorgan Chase & Co. was not required to issue consumer alerts due to the failure to disclose sensitive information such as account numbers, passwords, dates of birth and social security numbers in the breach. Instead, Chase made a blanket statement on his website's home page. This has left some sufferers on their own as to what to do.
card systems
Credit card processing company CardSystems Solutions, Inc. discovered in May 2005 and reported a month later that it had suffered a data breach in which a hacker may have planted a virus in a computer system from which it had intercepted customer data. Approximately 40 million Visa and MasterCard credit and debit card accounts are affected. After the breach, Visa said it will continue to work with CardSystems once the issue is resolved. MasterCard said it will give CardSystems a limited time to demonstrate compliance with MasterCard's security requirements.The data breach led to Visa and MasterCard dropping CardSystems as credit card processors. An important point for consumers to understand here is that many institutes use third-party providers that can adversely affect their data, even if the consumer is as vigilant as possible.
BNY Mellon Shareholder Services
On February 27, 2008, Bank of New York Mellon (BNY Mellon) lost a box of backup tapes containing the names, addresses, dates of birth and social media security numbers of 12.5 million customers in transit to the warehouse. Connecticut Attorney General Richard Blumenthal said he was concerned and deeply concerned at the time of the injury. Notification letters were sent out to affected individuals in May, and the impact of the breach was such that the bank hired more customer service representatives to handle the influx of calls from affected customers. This is a reminder that if you are a victim of a violation, it is important that you take the necessary steps to protect yourself.
Scottrade
In October 2015, retail brokerage firm Scottrade, INC. revealed that hackers stole the contact details and SSNs of 4.6 million customers. In an email notification sent to customers, Scottrade said that while the company included SSNs, email addresses and other sensitive data in the system accessed, it assumed that only customers' names and addresses were targeted by the company. However, the company said it would offer identity theft protection services to victims "as a precaution".At the time, federal authorities were also investigating similar thefts by other financial services companies. It's important for consumers to be aware that even if a company believes only certain records are being targeted, any data that may have been compromised puts the individuals at much greater risk than the company in its notification can specify.
Violation of Bonus: First American Financial Corp.
In May 2019, it was reported that financial services company First American Financial Corp. published 885 million real estate and mortgage documents through its website.By simply changing the nine-digit registration number associated with the transaction link, users could potentially upload other transactional documents containing information such as names, phone numbers, addresses, driver's licenses, social security numbers, bank account numbers and statements, mortgage and tax documents. and billing transfer operations. In a Financial, Credit and Banking Data Breach update released by First American, the investigation identified just 32 consumers whose non-public personal information was likely accessed without authorization. This breach could result in mortgage scams, where the hacker attempts to take out a loan on the victim's behalf, as well as other types of scams such as B. Title Fraud.
By summarizing the last 10,000 data breaches, we hope to help victims understand how to minimize risk and mitigate data breaches.
In our latest blog, 10,000 Data Breaches Later, we look at some of the biggest data breaches in education since 2005 and how they impacted children, parents and teachers.