The graphic above shows a timeline of some of the biggest data breaches on record. Each bubble represents the number of records lost in any given breach, with the most sensitive data clustered toward the right side. Before 2009, the majority of data breaches were the fault of human errors like misplaced hard drives and stolen laptops, or the efforts of “inside men” looking to make a profit by selling data to the highest bidder. Since then, the volume of malicious hacking (shown in purple) has exploded relative to other forms of data loss.
From Millions to Billions
Increasingly sophisticated hacking has altered the scale of data loss by orders of magnitude. For example, an “inside job” breach at data broker Court Ventures was once one of the world’s largest single losses of records at 200 million. However, it was eclipsed in size shortly thereafter by malicious hacks at Yahoo in 2013 and 2014 that compromised over 1.5 billion records, and now larger hacks are increasingly becoming the norm.
Small But Powerful
The problems caused by hacks, leaks and other data breaches are not just ones of scale. For example, the accidental 2016 leak of information from spam/email marketing service River City Media stands out at an alarming 1.37 billion records lost. However, sorting by data sensitivity paints a different picture. The River City leak – represented by the larger blue dot below – is surpassed in severity by hacks at Yahoo, at web design platform Weebly, and even at adult video provider Brazzers.
Much of the data lost in the River City hack was made up of long lists of consumer email addresses to be used for spam email distribution, while the other hacks listed compromised items like account passwords, banking information, addresses, phone numbers, or health records. While having your email address become the target for spam exploitation is a serious annoyance, the hacking of much more sensitive personal data has quickly become the norm. The fact that more and more of our data is being stored “in the cloud” and among devices on the Internet of Things means that increasingly sensitive types of data are now more vulnerable than ever to being hacked. This looks to be even more cause for concern than the rapidly rising volume of records that have been exposed, whether intentionally or by accident. on But fast forward to the end of last week, and SVB was shuttered by regulators after a panic-induced bank run. So, how exactly did this happen? We dig in below.
Road to a Bank Run
SVB and its customers generally thrived during the low interest rate era, but as rates rose, SVB found itself more exposed to risk than a typical bank. Even so, at the end of 2022, the bank’s balance sheet showed no cause for alarm.
As well, the bank was viewed positively in a number of places. Most Wall Street analyst ratings were overwhelmingly positive on the bank’s stock, and Forbes had just added the bank to its Financial All-Stars list. Outward signs of trouble emerged on Wednesday, March 8th, when SVB surprised investors with news that the bank needed to raise more than $2 billion to shore up its balance sheet. The reaction from prominent venture capitalists was not positive, with Coatue Management, Union Square Ventures, and Peter Thiel’s Founders Fund moving to limit exposure to the 40-year-old bank. The influence of these firms is believed to have added fuel to the fire, and a bank run ensued. Also influencing decision making was the fact that SVB had the highest percentage of uninsured domestic deposits of all big banks. These totaled nearly $152 billion, or about 97% of all deposits. By the end of the day, customers had tried to withdraw $42 billion in deposits.
What Triggered the SVB Collapse?
While the collapse of SVB took place over the course of 44 hours, its roots trace back to the early pandemic years. In 2021, U.S. venture capital-backed companies raised a record $330 billion—double the amount seen in 2020. At the time, interest rates were at rock-bottom levels to help buoy the economy. Matt Levine sums up the situation well: “When interest rates are low everywhere, a dollar in 20 years is about as good as a dollar today, so a startup whose business model is “we will lose money for a decade building artificial intelligence, and then rake in lots of money in the far future” sounds pretty good. When interest rates are higher, a dollar today is better than a dollar tomorrow, so investors want cash flows. When interest rates were low for a long time, and suddenly become high, all the money that was rushing to your customers is suddenly cut off.” Source: Pitchbook Why is this important? During this time, SVB received billions of dollars from these venture-backed clients. In one year alone, their deposits increased 100%. They took these funds and invested them in longer-term bonds. As a result, this created a dangerous trap as the company expected rates would remain low. During this time, SVB invested in bonds at the top of the market. As interest rates rose higher and bond prices declined, SVB started taking major losses on their long-term bond holdings.
Losses Fueling a Liquidity Crunch
When SVB reported its fourth quarter results in early 2023, Moody’s Investor Service, a credit rating agency took notice. In early March, it said that SVB was at high risk for a downgrade due to its significant unrealized losses. In response, SVB looked to sell $2 billion of its investments at a loss to help boost liquidity for its struggling balance sheet. Soon, more hedge funds and venture investors realized SVB could be on thin ice. Depositors withdrew funds in droves, spurring a liquidity squeeze and prompting California regulators and the FDIC to step in and shut down the bank.
What Happens Now?
While much of SVB’s activity was focused on the tech sector, the bank’s shocking collapse has rattled a financial sector that is already on edge.
The four biggest U.S. banks lost a combined $52 billion the day before the SVB collapse. On Friday, other banking stocks saw double-digit drops, including Signature Bank (-23%), First Republic (-15%), and Silvergate Capital (-11%).
Source: Morningstar Direct. *Represents March 9 data, trading halted on March 10.
When the dust settles, it’s hard to predict the ripple effects that will emerge from this dramatic event. For investors, the Secretary of the Treasury Janet Yellen announced confidence in the banking system remaining resilient, noting that regulators have the proper tools in response to the issue.
But others have seen trouble brewing as far back as 2020 (or earlier) when commercial banking assets were skyrocketing and banks were buying bonds when rates were low.
