Attacks/Breaches
4/4/2012
10:28 AM
50%
50%

9 Recent Data Breaches That Have Cost Financial Services Firms Big-Time

The details of these breaches are downright scary, or ingenious, depending on your point of view

Data breaches are no joke. Just ask any chief security officer. In addition to the bad headlines, customer churn and regulatory headaches associated with data breaches, the monetary costs can add up quickly. Until the Mastercard and Visa hack, the most recent high-profile data breaches have hit largely outside of the financial services industry, with Sony, Michael’s Stores and RSA (which cost parent company EMC close to $66 million) grabbing most of the headlines.

Despite the focus on other industries, though, financial services continues to be a top target for data breaches, caused by hacks, card scams, insider data theft, and the loss of a portable device that contains financial or private information.

And the details of the data breaches are downright scary, or ingenious, depending on your point of view. Here are 9 of the largest most recent financial services data breaches.

Read the full article here.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-0986
Published: 2015-05-26
Multiple stack-based buffer overflows in Moxa VPort ActiveX SDK Plus before 2.8 allow remote attackers to insert assembly-code lines via vectors involving a regkey (1) set or (2) get command.

CVE-2015-3808
Published: 2015-05-26
The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not reject a zero length, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

CVE-2015-3809
Published: 2015-05-26
The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not properly track the current offset, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

CVE-2015-3810
Published: 2015-05-26
epan/dissectors/packet-websocket.c in the WebSocket dissector in Wireshark 1.12.x before 1.12.5 uses a recursive algorithm, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet.

CVE-2015-3811
Published: 2015-05-26
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-...

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.