The volume of stolen personal data in the financial sector has increased 32 times over the year

"The number of compromised personal data records (PD) and payment information increased 32—fold compared to 2021 — from 1.4 million units to 44.8 million units", - Kommersant reports, referring to the results of InfoWatch research.

Andrey Arsentiev, head of Analytics and Special projects at InfoWatch, noted that this is directly related to several major cyber attacks.

Also, the number of personal data leaks increased 1.7 times over the year — up to 48 cases. At the same time, there is a redistribution of the shares of various segments. Thus, the share of leaks in banks, MFIs and insurance companies decreased from 92.8% to 66.5%, and the share of leaks in investment companies, payment services and crypto exchanges increased. The manager of RTM Group, Evgeny Tsarev, expressed the opinion that in fact the number of incidents has practically not changed, because earlier there were more leaks than they were registered. Now the expert believes that the statistics are closer to real indicators.

InfoWatch researchers also drew attention to a decrease in the number of leaks related to the use of social engineering — their share decreased from 96.4% to 82.6%. At the same time, cases of theft of personal information representing a trade secret increased from zero to 13% over the year. According to Arsentiev, this is due to the shift of the threat vector towards external cyber attacks. He added that ordinary managers usually do not have access to data that is a trade secret, so cybercriminals use "complex schemes". According to InfoWatch analysts, the share of leaks due to the actions of external cybercriminals has tripled — from 21.4% to 75%.

"Any external attack has internal reasons — negligent attitude to the security of users responding to social engineering, administrators setting up security tools and infrastructure, as well as software developers who do not comply with the principles of safe development", - said Rustem Khayretdinov, Deputy General Director of Garda Technologies.

InfoWatch also began to use the term "hybrid vector" more often. Analysts note that more and more often external attackers enter into a criminal relationship with employees of companies and motivate them to steal information that can then be sold on the black market or used to break into the corporate environment.

Alexey Lukatsky, a business consultant on information security at Positive Technologies, said about the complexity of analyzing the situation with cybercrime in 2022. This is due to the creation by attackers of an abundance of fake resources that "helped" Russians to make purchases, financial transactions and other actions. According to experts, as a result of the conflict in Ukraine and Western sanctions, citizens began to change their usual platforms to new ones more often, but those, in turn, may turn out to be fraudulent.

This year, analysts see no reason for positive changes in the field of data leaks. Experts note the continuing intensity of attacks. Semyon Botalov, a junior analyst at the public leaks research group at IM Group-IB, believes that the international situation and insufficient protection of the company's assets are unlikely to lead to a decrease in the intensity of attacks on financial companies.