Key Findings

  • Estimated financial losses due to third-party cyber attacks could exceed $1 million per event
  • 86% of credit unions and 76% of vendors that service credit unions have breached employee credentials available on the Dark Web
  • 66% of credit unions and 88% of vendors have not deployed the necessary configurations (such as DMARC record) to prevent email spoofing attacks
  • More than 70% of credit unions have at least one website with a login form that does not restrict excessive authentication attempts by deploying bot detection