Last year saw a sharp rise in data breaches within the financial sector, with incidents increasing by about 1.7 times compared to the year before, totaling 48 reported cases. A study cited by Infowatch, a cybersecurity firm, highlights this surge and notes that the number of records involving seized personal data and payment information skyrocketed, reaching 44.8 million records. The pattern indicates that customer data holds significant value for scammers, contributing a sizable share of overall leaks.
Andrey Arsentyev, who leads analytics and special projects at Infowatch, attributed the uptick in key indicators to several large cyber incidents affecting banks, microfinance institutions, and insurance providers within the year. He explained that each major breach involved the theft of millions of personal data records as part of the operation. The report shows a shift in breach sources: the proportion of leaks tied to banks, microfinance entities, and insurers declined from 92.8% to 66.5% over the year, while breaches at investment firms, payment services, and cryptocurrency exchanges rose in prominence.
Infowatch also notes a change in how data is used in social engineering. The share of personal data involved in such schemes fell from 96.4% to 82.6%, even as the leakage of trade secret data rose from 0% to 13%. The study further warns that external attackers are increasingly collaborating with insiders to access data on the black market or to facilitate intrusions into corporate networks with the help of employees.
Group-IB, another cybersecurity firm, reports that attacks against financial companies have not slowed in any sector and that a decline in breach activity is unlikely in the near term. The findings underscore a persistent risk landscape for financial institutions, including banks, lending platforms, and asset managers, as cybercriminals adapt to new targets and methods.
These trends illustrate how attackers continue to exploit the sensitivity of financial data and the complex digital ecosystems that institutions rely on. As cyber threats evolve, organizations across North America and beyond are intensifying measures to protect customer information, improve incident response, and harden defenses against breaches that could expose sensitive financial records and payment data. Stakeholders are urged to prioritize robust authentication, continuous monitoring, and rapid containment strategies to minimize potential harm to customers and the broader economy.