US financial services firms suffered three-times more data breaches in the first six months of 2018 than during the same period in 2016, according to new data from Bitglass.

The security vendor aggregated data from the Identity Theft Resource Center (ITRC) and the Privacy Rights Clearinghouse (PRC) to gain insight for its Financial Breach Report 2018.

In total, there were 103 breaches recorded from January to August 2018, versus the 37 recorded over the same period in 2016. That’s understandable considering the wealth of lucrative sensitive information these companies typically store, including home addresses, bank statements and Social Security numbers.

Hacking and malware were responsible for the vast majority (74%), with 15% down to accidental disclosures, 9% the result of a physical breach and 3% the result of insider threats.

Bitglass also claimed that 44% of financial services organizations have malware in at least one of their cloud apps, with ransomware-as-a-service, modular banking trojans, cloud crypto-jacking attacks and more all posing a threat.

It noted that 93% of AV engines, along with Google Drive and Microsoft SharePoint, were unable to detect the zero-day ShurL0ckr ransomware that appeared earlier this year.

The top three breaches so far in 2018 accounted for more records than all of those in the vendor’s 2016 report: 64,512. These included an insider theft of 1.5 million customer details at SunTrust Bank.

The data broadly aligns with Verizon’s most recent Data Breach Investigations Report (DBIR), which revealed earlier this year that 92% of threat actors in attacks on financial services firms are external and 7% internal.

However, that report also pointed to the growing need not just to protect against data theft, but also guard against ATM skimming and jackpotting.

The report also comes just a day after UK regulator the Financial Conduct Authority (FCA) fined Tesco Bank over £16m for failings that led to a theft of over £2m from customers’ accounts back in 2016.