A growing number of digital technologies disrupt various financial services sectors in many aspects. The things are unlikely to slow down and get better anytime soon despite the fact that a lot of scrutiny and attention have been dedicated to the data security of legacy banks.
High-profile breaches are endangering personal information on the Internet. Nobody is safe even the business giants like Axa Insurance Singapore and Equifax.
Last week, two severe security breaches happened, and the victims were Equifax and AXA Insurance Singapore. These incidents should serve as a timely reminder that the huge incumbents in the finance industry are not exempt from hacker attacks. Those companies need to consider reinforcing data protection measures if they don’t want to be the next victim of a cyber crime.
A hack that has hit Credit reporting bureau Equifax (EFX) left as many as 143 million Americans exposed! This is almost half of the population of the United States, which makes this breach one of the biggest hacker attacks to date. It is one of the worst data breaches ever not only because of a large number of victims but also in terms of the sensitivity of information exposed.
If you don’t know, Equifax is the oldest of three nationwide credit reporting agencies in the U.S., which collects, rates and tracks the consumers’ financial history. The company is founded in 1899.
Based in Atlanta (Georgia, US), it aggregates personal information on over 88 million businesses as well as more than 800 million individuals throughout the world. Equifax gets data from retailers, banks, lenders, and credit card companies. It operates in 14 countries and has about 9,000 employees.
The breach was lasting approximately two months from mid-May to July, according to Equifax. During this period, the hackers have managed to gain access to customers’ personal information like names, addresses, birth dates, driver’s license numbers, and Social Security numbers. Thanks to a weakness on Equifax’s website in a certain application, they have stolen credit card numbers for around 209,000 consumers as well as dispute documents for about 182,000 people. The hack was discovered on July 29 this year, and it was publicly announced after more than a month on September 7.
The vast majority of victims are U.S. customers, but the users from Canada and the United Kingdom have also been impacted by this theft. Equifax has not said how many people were hit beyond the United States, but it said that the notices will be sent via email to those whose dispute records or credit card numbers were breached. Also, the company claimed that there is no evidence that its users in other countries — beyond the United States, Canada, and U.K. — have been affected.
As opposed to the similar data and security breaches, this one has been invisible for many. A lot of Equifax customers don’t know at all that they have become the victims of this unprecedented cyber crime. If you have had any credit file with this agency, it’s highly likely that some of your information was affected by the data breach.
After that incident, Equifax has created more dedicated website regarding the remedial action with a goal to let consumers easily check the access of their information. Besides, the website offers free credit identity theft protection and file monitoring. The company also starts engaging in selling personal information of its customers to third-party credit scores. That activity is supposed to ensure that the company is invulnerable against the future hacker attacks and data breaches.
Equifax has not clearly clarified who was behind this crime, but it said that an investigation is ongoing.
A data breach that was hit AXA Singapore put more than 5,400 customers at risk! It has affected both past and current consumers of the AXA Insurance’s online portal. As a result, personal details of about 5,400 people in Singapore has been stolen. Although this cyber crime is less severe by volume than the breach that has affected Equifax, the consequences are quite significant.
Just to mention that Axa Insurance Singapore is an insurance company that provides a wide range of services for both business and personal needs. The company has about 166,000 employees and presence in 59 countries worldwide. With more than 100 million customers and €99 billion income, this is one of the leading insurance companies in the world.
How did the breach happen? Axa Insurance Singapore has been using information such as dates of birth, email addresses, and mobile numbers to send one-time passwords to its customers when they want to log in. According to this life insurance firm, the level of penetration involves a small risk of identity theft, but more sensitive info like next-of-kin details, NRIC number, credit card or bank numbers, and health status, was not accessed at all. Unfortunately, the hackers have found the way to obtain personal information by means of phishing scams.
Axa Insurance Singapore notified the affected consumers of the data breach via emails on September 7 and Sept 8. Jean Drouffe, the chief executive officer of AXA Singapore, said that the customers can rest assured that the Health Portal of the firm is now completely safe. Yet, the customers are advised to stay alert because of the possible phishing scams in the future.
The company has allegedly taken action which should ensure that a breach recurrence won’t happen again. It has pledged roughly $900,000 to a program that is meant to develop more effective data protection methods.
So, what’s the bottom line? While many businesses and companies are using support packages such as Bing Digital, which address site disruptions, downtime, and other issues, they will have to pay more attention to data breaches.
Aside from optimising the websites, financial institutions will have to work more on improving their cyber security in the future. Cyber attacks are still deemed to be a “secondary consideration” in many financial sectors and banking. What’s more, some regard cyber crime as an unlikely event.
Incumbents and officials working in financial services will have to wake up, especially those involved in a digital economy. This is the most vulnerable sector where data breaches mainly occur. That requires a big shift in the finance industry mindset though.