Summary
This report examines real-world insider threats in the financial sector, focusing on two significant incidents involving TD Bank and USAA. The document outlines how financial institutions manage sensitive metadata, making them prime targets for cyberattacks. It details the insider data leak at TD Bank, where a newly hired employee misused access to share client information, and the prolonged insider scheme at USAA's call center, which resulted in substantial fraud. The analysis highlights the similarities in both cases, including the misuse of authorized access and weak internal controls. Additionally, it discusses recurring trends such as inadequate monitoring and the absence of deterrents against data leaks. The report presents recommendations for mitigating insider threats, including the implementation of visible deterrents, secure document printing, and enhanced access controls. It emphasizes the importance of ongoing training and real-time alerts to strengthen security measures and protect sensitive client data from insider threats.
