Financial Information Systems

Financial Information Systems are increasingly a target for Identity Thieves. Identity theft — a major scourge in the United States for more than a decade – is gradually spreading around the world.

Intrusions into banking and financial systems are now an accepted, if frightening, fact of life for major financial institutions, as well smaller ones with lesser means to deploy for security. The US Government Accountability Office recently issued a report (July 2007) claiming that while the large amount of information lost or stolen is disturbing, it’s difficult to prove that these breaches lead to identity theft.

The major reasons that identity theft is so much more prevalent in the United States than elsewhere are the weak regulations protecting treatment of private information combined with the prevalence of its collection. Personal financial information is collected everywhere – the US Government even bestows Authority to Collect financial information on motor vehicles offices for the reneal of drivers licenses. It’s no surprise that more than one in ten Americans has been a victim of identity theft in the past few years.

The GAO issued a report examining two dozen of the largest data breaches from January 2000 through June 2005, as well as five breaches that involved federal agencies. The concluded that ‘ the extent to which data breaches resulted in identity theft is not well known.’ The US Government’s sophistry is reminiscent of the four decades which elapsed between proven correlations of cancer frequencies and smoking and the final, incontrovertible, refutable-not-even-by-a-cretin evidence which had to be brought to bear before the establishment, with its evident stake in cigarette sales and the cigarette company stock prices, finally agreed that, well, yes, smoking was after all carcinogenic.

So at this time, for the US Government, largely –if indirectly– responsible for the widespread identity theft within its borders, “it’s difficult to figure out how” an “individual’s personal information fell into the wrong hands.”

Concurrently, the FBI’s Cyber Division reported it was currently working on more than 1,300 pending cases of network intrusions in which data breaches resulted from unauthorized electronic access to computer systems, such as hackings. The Secret Service in 2006 alone opened 327 cases involving network intrusions or data breaches, specifically in which financial information was lost or stolen

Improvements in overall security have been achieved in most industry sectors, but the financial services industry has seen an increase in the average number of IT vulnerabilities, according to London-based NTA Monitor’s 2007 Annual Security Report. The study analyzed vulnerability tests conducted on a variety of U.K. companies, including financial services firms. Among the interesting remarks: “Flaws that our testing discovered could permit hackers to gain entry to corporate networks,… which could wreak corporate havoc. ” (Cont. >> next page)