UpGuard’s customer is a multinational investment banking and financial services company. This organization provides a broad range of personal and commercial banking, wealth management and investment banking products and services.
This organization had recently suffered a data breach and wanted to do everything they could to ensure it would not happen again.
They approached us and were taken through a demo of UpGuard BreachSight. Preliminary BreachSight scans showed that they had exposed data from sensitive systems.
Due to normal budgeting cycles, their remediation project was in a pending status when the organization and another bank, were breached again. The organization had a well developed incident response capability. While many of the companies that we make disclosures to take days or weeks to take simple remediation steps, this organization was ready to deploy new tooling within a week to understand the full extent of their exposures.
The next week, the organization purchased UpGuard BreachSight. Per the onboarding process, the UpGuard team was provided a list of keywords related to the customer’s brand, and either names of business units they were operating, had acquired, or merged with their own properties. Additionally, the UpGuard BreachSight Research Team discovered additional domains used for development and internal processes.
Through the Data Leaks module, our researchers ran exhaustive searches using the provided keywords across 70+ exposure vectors including Amazon S3, Github, file transfer and database systems.
The results were similar to what we've found for other large financial services providers: fourteen previously unknown points of data exposure. After the initial onboarding and investigation of all open exposures, the UpGuard BreachSight Research Team has continued to work with our customer's threat intelligence team to identify, attribute and assess potential risks due to data exposures. Several of these have involved cases where the exposure is due to (and largely concerns) a third party, and during analysis, mentions of our customer have been discovered. This is one of the differentiating strengths of the UpGuard BreachSight platform: there are exposures that cannot be detected with surface level keyword searches but that can be detected during analysis.
Financial services providers are susceptible to third party risk, often needing to work with a variety of vendors to perform complex business functions such as payment processing, underwriting and fraud detection. Given the number of entities involved in the supply chain, it is very common for a third-party to experience an exposure through no fault of their own. UpGuard continues to assist this customer with third-party data exposures, as well as exposures from their internal systems.
92k searches performed
Through a combination of automated searches and analyst interpretation, UpGuard BreachSight discovered over 92,000 keyword-based results that could be potential data leaks.
70+ vectors continuously monitored
Over 70 unique vectors are continuously searched by UpGuard BreachSight for data leaks, including cloud storage, file transfer, databases and code repositories.
14 data exposures assessed and closed
The initial results produced by the BreachSight engine determined that a total of 14 medium-to-high severity data exposures could impact our customer. Our customer was able to close these exposures, and prevent a full scale data breach.
Our initial BreachSight scan helped this customer prevent another potential data breach. However, the benefits of continuous scanning soon became apparent, with 24x7 monitoring put in place.