Of the 285 million successful data breaches investigated by Verizon Business last year, 99% of the data was stolen from servers and applications, not desktops, mobile devices, or portable media. Additionally, over 90% of the 285 million successful data breaches involved organizations that provide financial services.

Experts attribute the proliferation of cybercrime in the Financial Services sector to the recent and lucrative trend toward personal identification number (PIN) fraud.

Hackers who successfully associate a stolen PIN with the appropriate credit card or debit account information can steal cash directly from the consumer’s account. This type of attack, where money is taken “legitimately” from checking, savings, and/or brokerage accounts is more difficult to trace and almost impossible for consumers to defend.

Cyber criminals have been quick to react to the vulnerability, re-engineering processing and developing new memory-scraping malware making it easy to obtain and store PIN details.

While Financial Services Organizations accounted for most of the data compromises, they were not the most targeted sector:

• Retail Industry #1 at approximately 33% of all attacks
• Financial Services #2 at approximately 30% of all attacks (highest growth, +16% from previous years)
• Food and Beverage Services #3 at approximately 14%

These statistics (30% of attacks, 90% of successful breaches) indicate that security measures presently in place with financial institutions are severely underdeveloped.

(more…)