Most U.S. banking institutions faced cyber intrusions through third-party connections during the past year.

Majority of U.S. Banks Experienced Third-Party Data Breaches Throughout 2024, SecurityScorecard's Recent Study Reveals

Major American banks suffered significant data breaches through external sources in the previous year

In the digital age, banks and financial institutions are increasingly reliant on third-party vendors and service providers. However, this reliance comes with its own set of risks. A recent trend has seen a surge in third-party data breaches, particularly in US banks, which have exposed serious weaknesses across the digital ecosystem.

The UK has not been immune to this trend. According to reports, the country saw a near doubling of ransomware attacks on financial institutions in 2023. The International Monetary Fund (IMF) warns that financial institutions are increasingly targeted by threat actors, with organizations accounting for nearly one-fifth of the total number of breaches globally.

The US banks' woes stem from vulnerabilities in external vendors and service providers. For instance, a 2025 breach at Western Alliance Bank exploited a flaw in third-party file transfer software, compromising sensitive customer data. Ransomware remains a leading cause of breaches, reflecting how attackers exploit weaknesses in third-party systems.

The impacts of these breaches are far-reaching. They result in massive exposure of personal and financial data, significant financial costs, prolonged detection and containment times, and long-term risks to customer trust and regulatory repercussions.

To mitigate these risks, preventive measures focus on rigorous third-party vendor risk management, advanced threat detection systems, stronger access controls, regular security audits, rapid incident response plans, and encryption of sensitive data.

In the UK, the Financial Conduct Authority (FCA) is taking steps to address these issues. From March 2025, regulated financial firms will be expected to take measures to protect themselves from third-party attacks and maintain operational resilience. The FCA is also expanding the requirements it places on these firms, including setting impact tolerances, carrying out testing to identify vulnerabilities, conducting crisis simulation exercises, and developing robust internal and external communication plans.

Despite these efforts, nearly all major US banks and virtually all of the top 100 US banks experienced third-party data breaches last year. The banking sector must remain highly vigilant and continuously monitor its external attack surface to protect the immense volumes of sensitive customer data it holds.


The cybersecurity industry is working to address the increased risks of third-party data breaches, particularly in the banking and insurance sector, as financial institutions globally, including the UK, have experienced a significant rise in such attacks.

In the midst of these challenges, the US cybersecurity business landscape has been significantly impacted by third-party data breaches, with many banks and financial institutions paying the price for vulnerabilities in their external vendors and service providers.

To combat these threats, technology plays a critical role in improving cybersecurity, with solutions such as advanced threat detection systems, stronger access controls, regular security audits, rapid incident response plans, and encryption of sensitive data being implemented by both financial institutions and regulatory bodies like the FCA in the UK.
