New research highlights sharp rise in attacks on commercial banking and insurance, with over 1.35 billion victim notices issued across all sectors in 2024
The financial services industry experienced the highest number of data compromises in 2024, surpassing the healthcare sector for the first time in six years, according to new research from Alta Technologies based on Identity Theft Resource Center data.
The findings underscore a dramatic escalation in cyber risk across multiple industries, with a total of 3,158 data compromises recorded last year, generating more than 1.35 billion victim notices.
The financial services sector, which includes institutions like banks, accounting firms, and insurance entities, recorded 737 data compromises in 2024, resulting in 48 million victim notices. This increase was driven primarily by attacks targeting commercial banking and insurance organisations.
Commercial banking accounted for 336 compromises, while insurance entities experienced 148 compromises.
“The findings highlight the rising volume of attacks across multiple industries and the growing exposure of financial services,” said Corey Donovan, President of Alta Technologies. He urged vigilance, advising staff to flag suspicious email attachments and employ multi-factor authentication for sensitive information.
While financial services topped the list, healthcare, professional services, and manufacturing also faced significant risk:
Financial Services: Recorded 737 compromises, affecting 48 million people, and overtook Healthcare as the sector with the highest number of data compromises for the first time since 2018.
Healthcare: Recorded 536 data compromises, affecting approximately 47 million individuals. Although still a major target, this marked a significant drop from 811 compromises recorded in 2023.
Professional Services: Ranked third with 345 breaches, resulting in 3 million victim notices. This represents an increase from 310 breaches in 2023.
Manufacturing: Followed with 317 compromises but impacted a substantial 51 million individuals. The total breaches rose sharply from 258 in 2023.
The report also identified several other sectors facing severe impact, even if their breach counts were lower:
Technology recorded 142 compromises but was responsible for one of the highest impact totals, affecting 326 million individuals.
Government organisations saw a notable rise, logging 128 breaches compared to 99 in 2023, issuing 12 million victim notices.
Hospitality, despite only recording 69 breaches, had the single largest number of impacted individuals across all categories, with 565 million people affected.
Mining and construction ranked ninth with 104 compromises and 226 million victim notices.
Retail reported 96 breaches (down from 118 in 2023) but still affected 71 million individuals.
Education recorded 162 compromises and 3 million victim notices, remaining highly targeted despite a slight decrease from 173 breaches in 2023.
The vast majority of compromises across all sectors were attributed to cyberattacks, followed by system and human errors, physical attacks, and supply chain incidents.
Sectors with minimal activity included the military (reporting no data breaches), social services (18 compromises), and HR and staffing (23 compromises). Overall, the 2024 total of 3,158 data compromises was only 44 fewer than the record set in 2023, signalling that the pervasive threat environment continues unabated.
