Protecting the value of sensitive financial documents

By SIPIAR Team on 10/18/2017
Stolen business information is worth a pretty penny on the black market.
Stolen business information is worth a pretty penny on the black market.

What's the dollar value of your business's data? Even if you don't have a figure, cybercriminals have already run the numbers. They're selling records stolen from organizations of all kinds for a serious profit on the dark web. 

A recent study from the Intel Security Group and McAfee labs tabulated the average price of a single stolen digital document on the internet's black market, revealing surprising details on why these crimes remain so lucrative.

  • A single stolen credit card in the U.S. can be sold for as much as $30, although cards from the European Union can fetch as much as $45.
  • Login credentials for a standard bank account with a $2,200 balance can be worth around $190 to hackers.
  • Surprisingly, usernames and passwords for hotel loyalty programs could sell for as little as $20 or as high as $1,400.

Although the above examples include personal information, business breaches are a primary way cybercriminals access such documents. The impetus for stronger business controls on cyber threats is even greater in highly regulated industries like the financial services sector, insurance and healthcare. In all of these organizations, a secure data destruction plan constitutes a legal requirement as well as a valuable tool for earning the trust of customers and clients.

HackerOn the black market of the internet, stolen information can fetch a high price.

Document retention and destruction

Financial services firms such as banks and insurance companies are beholden to a number of regulations regarding how long they must retain certain sensitive records, as well as when and how they should destroy them. According to an article from Lexology, some of the most pertinent federal laws related to data destruction include:

As explained by Lexology, adhering to these often complex document retention schedules is barely half of the battle - financial institutions must also have established procedures for destroying these documents, particularly digital storage devices with specific destruction needs.

Sipi Asset Recovery is helping financial institutions, insurance firms and all other businesses keep their devices and data safe by implementing specialized IT asset disposition plans. This ensures businesses and the clients connected to them don't become another statistic related to cybercrime and identity theft.