Data breaches are a major threat within any industry and can seriously threaten a company's reputation, economic viability, and customer base. Data breaches within financial institutions are especially damaging, since they not only compromise private and sensitive data but are often the footholds for subsequent financial theft.
Unfortunately, various sources including Business Insider report that data breaches at financial institutions are increasing. And as a February 2019 report from Akamai has noted, another industry is facing harder hits, too.
Keep reading to understand how data breaches involving application program interfaces (API) in retail may impact the financial industry, as well.
According to Akamai's 2019 State of the Internet/Security: Retail Attacks and API Traffic report, cyber attackers launched a credential abuse technique called credential stuffing against retail sites over 10 billion times between May and December of last year. Credential stuffing relies on multi-functional bots and tools that allow hackers to target multiple retailers at once.
Credential stuffing is a technique that allows hackers to steal login information, breach APIs, and subsequently access private and sensitive information. Once hackers are able to access accounts on these retailer platforms, they are able to steal private information that has a high value on the black market and dark web, including credit card information and demographic information.
But while the Akamai report focused on the impact within the retail industry, the report's authors also pointed out that hackers use this same method to target login pages on banks, as well (in addition to music, entertainment, hotel, and travel sites).
The following are a few major takeaways from a comprehensive report from Business Insider on business and operational models within the financial services industry.
And as Akamai reports, hackers are often correct in assuming that consumers tend to use the same login credentials (e.g., username and password) for multiple accounts. For this reason, the significant amount of data theft ongoing within the retail industry may be tied directly to breaches seen in the financial industry.
To protect your financial institution (and clients) against API breaches, try the following strategies:
Are you concerned about API breaches within your financial services firm? Have you taken the necessary precautions to protect yourself against malicious users and cyber crime from inside and outside your company?
How prepared is your business for a cybersecurity incident?
Contact Integrity Technology Solutions to find out how we can help.