Skip to main content
banner image
venafi logo

Reputation Protection for a Leading Worldwide Bank

Reputation Protection for a Leading Worldwide Bank

middle aged executive man sitting at desk, working on computer
August 22, 2018 | Scott Carter

After a breach at a leading multinational bank, tens of millions of user records were accessed and stolen certificates were found exposed.
 

Before Venafi: Stolen digital certificates were discovered on a phishing site. Around 100 servers were affected, and tens of millions of records were accessed in the attack. The breach inflicted major brand, business and reputational damages to the multinational financial institution.
 

After Venafi: Global certificate reputation information was implemented that flags misuse across the Internet. Venafi's solution allowed for the immediate whitelisting and blacklisting of certificates, and certificate authorities. Now the company can remediate bad certificates and block rogue CAs, securing their multi-billion dollar assets, brand and reputation.

Banks are a popular target of phishing scams.

Bad guys work to steal or forge certificates that will make their phishing sites look more legitimate and increase the success of their attacks. Most organizations don’t have visibility into the misuse of their certificates or into certificate reputation to better identify stolen or forged certificates that are abusing their brand.
 

"Cybercriminals were able to access almost 100 servers and tens of millions of customer records"

For this leading worldwide bank, the bad guys were able to use a stolen SSL private key and certificate to conduct a very effective phishing campaign that remained undetected for months. These cybercriminals were able to access almost 100 servers and tens of millions of customer records. After this attack the organization struggled with repairing their damaged brand and rebuilding customer confidence. They turned to Venafi for help with remediation efforts and security that would protect the company against the next attack.
 


The bank is now using Venafi TrustNet to get global certificate reputation information for its domain. This reputation information flags the misuse of certificates across the Internet. And when misuse is identified, the bank can immediately remediate by blacklisting rogue certificate authorities (CAs) and illegitimate certificates, and then address the vulnerability as time allows.
 

Now "the bank can immediately remediate by blacklisting rogue certificate authorities"
 

With Venafi, the bank has been able to restore real trust in its digital certificates and ensure continued customer confidence in its business and brand.

 

Read More:

 

 

Like this blog? We think you will love this.
how-to-remediate-keys-and-certificates-after-a-data-breach
Featured Blog

How to Remediate Keys and Certificates After a Data Breach

The Solution

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

Subscribe Now

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies
eBook

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Scott Carter
Scott Carter

Scott is Senior Manager for Content Marketing at Venafi. With over 20 years in cybersecurity marketing, his expertise leads him to help large organizations understand the risk to machine identities and why they should protect them

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more