Last year, the number of data leaks in the Russian financial sector increased by 1.7 times compared to the previous year, reaching 48 cases. In this respect writer The newspaper Kommersant cites a study by Infowatch, a company specializing in cybersecurity. At the same time, the number of records regarding seized personal data and payment information increased 32 times to reach 44.8 million.
The article says that the data of financial sector customers is of special value to scammers, and therefore they have a large share in the total amount of leaks.
Andrey Arsentiev, head of analytics and special projects at InfoWatch, explained that the increase in indicators was due to several major cyberattacks that occurred in the Russian financial sector last year. According to the expert, the attackers stole millions of personal data records as part of each cyberattack.
As followed by company data, the share of data leaks in banks, microfinance institutions and insurance companies decreased from 92.8% to 66.5% throughout the year. At the same time, the share of leaks increased in investment companies, payment services and cryptocurrency exchanges.
Infowatch pointed out that the share of personal data, which is actively used in social engineering, decreased from 96.4% to 82.6% in cases. At the same time, the share of trade secret data leaks increased from 0% to 13%.
“External attackers are increasingly engaging in criminal relationships with company employees, motivating them to steal information requested on the black market or hack corporate networks with their help,” the study says.
Group-IB, a company specializing in cybersecurity, noted that they have not recorded a decrease in the intensity of attacks against financial companies in any area and that the number of leaks is unlikely to decrease in the near future.
16 February 2023 Central Bank Deputy Governor German Zubarev declarationthat senior managers of Russian banks responsible for information security may be personally liable if customer data is leaked. Violations and leaks will be penalized, including disqualification.
28 January Roskomnadzor knowledgeable Nearly 150 major personal data leaks following last year’s results. For 12 months, department employees conducted 78 unplanned inspections, and the fact of leakage was confirmed in 87% of cases. The courts, according to the results of the evaluation of the materials, imposed a total fine of about 1 million rubles and issued 9 warnings.