15 December 2017
visit www.solutions.lexisnexis.com

Financial institutions have lost battle to protect customer data - TowerGroup

16 June 2009  |  9506 views  |  1 safelock

US financial services firms have lost the battle to protect the personal information of customers and must now assume that all their clients' data has been, or will be, compromised, according to TowerGroup.

The research firm says that despite significant media attention, increased state legislative demands, negative customer reaction and substantial costs associated with consumer data loss, millions of customer data records continue to be lost or stolen every month.

Over 100 data breach incidents containing millions of data records were reported in just the first four months of 2009.

Financial institutions must now assume that all of their clients' and prospects' personal information has been compromised or will be, says George Tubin, senior research director, financial information security, TowerGroup.

"While greater access to customer data is key for businesses to improve customer relationship management and business processes, there will always be repercussions, including the possibility of personal data landing in the hands of the wrong parties," he says.

According to a recent study from Verizon, hackers stole 285 million electronic records in 2008, more than in the previous four years combined, with the vast majority of breaches targeting the financial services industry.

Massive breaches involving Heartland Payment Systems, RBS Worldpay, Checkfree and BNY Mellon Shareowner Services have been reported over the last year.

TowerGroup says government regulators need to implement meaningful data breach prevention requirements and penalties that compel businesses to actually protect information.

The firm says that until legislative and regulatory bodies implement these penalties, data loss incidents will persist and worsen. Highly effective and usable data loss prevention practices and technologies are readily available to businesses but are "grossly underutilised", says TowerGroup's Tubin.

Meanwhile, companies should assume that traditional account information such as name, address, date of birth and account balance are useless as authentication factors. Instead they should consider using knowledge-based authentication and one-time passwords delivered via SMS.

Comments: (1)

A Finextra member
A Finextra member | 16 June, 2009, 15:26

Government regulators to implement requirements and penalties?

When government steps in, it usually means that there is not enough competition in the industry.

...will be on the lookout and welcome this government intervention which might just help companies that do offer the best security solutions that will eliminate fraud.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Heartland to fight MasterCard data breach fine

Heartland to fight MasterCard data breach fine

12 May 2009  |  11195 views  |  0 comments
Hackers steal 285m electronic records in 2008 - Verizon

Hackers steal 285m electronic records in 2008 - Verizon

15 April 2009  |  12755 views  |  0 comments
Financial fraud hit 7.5% of Americans in 2008 - Gartner

Financial fraud hit 7.5% of Americans in 2008 - Gartner

04 March 2009  |  11947 views  |  0 comments
US payment processor Heartland reports massive data breach

US payment processor Heartland reports massive data breach

21 January 2009  |  15881 views  |  1 comments
US financial institutions hit by 78 reported data breaches last year

US financial institutions hit by 78 reported data breaches last year

15 January 2009  |  9926 views  |  0 comments
CheckFree warns five million customers of hack attack

CheckFree warns five million customers of hack attack

07 January 2009  |  9642 views  |  0 comments
Wells Fargo hit by data breach

Wells Fargo hit by data breach

12 August 2008  |  15899 views  |  0 comments
Bank of New York Mellon breach hits 4.5m customers

Bank of New York Mellon breach hits 4.5m customers

22 May 2008  |  56825 views  |  0 comments
TJX breach gets bigger with 94 million card numbers exposed

TJX breach gets bigger with 94 million card numbers exposed

25 October 2007  |  9898 views  |  0 comments
Hack attack hits 300 banks

Hack attack hits 300 banks

02 June 2006  |  11340 views  |  0 comments
visit www.atos.netvisit www.response.ncr.comvisit www.solutions.lexisnexis.com

Top topics

Most viewed Most shared
satelliteRipple completes XRP Lockup
10042 views comments | 3 tweets | 2 linkedin
PSD2: Laying the regulatory foundation for a new age in paymentsPSD2: Laying the regulatory foundation for...
9456 views comments | 17 tweets | 36 linkedin
Banks and fintech startups join forces on blockchain-based supply chain pilotBanks and fintech startups join forces on...
6887 views comments | 19 tweets | 20 linkedin
hands typing furiouslyReshaping Customer Engagement & Da...
6267 views 0 | 4 tweets | 2 linkedin
Nordea takes Open APIs into live productionNordea takes Open APIs into live productio...
5814 views comments | 5 tweets | 26 linkedin

Featured job

Competitive base, double ote, benefits
London, UK

Find your next job