Total Incidents: According to Rankiteo, FFHCL富 has faced 0 incidents in the past.

Incident Types: As of the current reporting period, FFHCL富 has not encountered any cybersecurity incidents.

Total Financial Loss: The total financial loss from these incidents is estimated to be {total_financial_loss}.

Cybersecurity Posture: The company's overall cybersecurity posture is described as 以「成為亞洲一流的金融機構」為發展願景的富邦金控，旗下主要子公司包括富邦人壽、台北富邦銀行、富邦銀行(香港)、富邦華一銀行、富邦產險、富邦證券及富邦投信等，擁有最完整多元的金融產品與服務，經營績效耀眼，位居市場領導地位。富邦金控深耕台灣逾60年，以「正向力量 成就可能™」為品牌理念，致力以正向的力量及全方位的金融服務，支持人們追尋美好未來。 截至2024年底，富邦金控總資產達12兆673億元，為台灣總資產第二大、市值第一大金融控股公司， 2024年稅後淨利為1508.20億元，每股盈餘(EPS)10.77元。富邦金控已連續16年榮登台灣金控業每股盈餘獲利王。富邦金控及子公司優異的永續經營表現也深獲國際專業肯定，已連續八年入選道瓊永續指數(DJSI)之最高榮譽「世界指數」成分股，連續九年入選道瓊永續指數「新興市場指數」成分股。 Intent on becoming one of Asia’s first-class financial institutions, Fubon Financial Holdings has the most complete portfolio of financial products and services in the industry, provided through a strong lineup of subsidiaries that includes Fubon Life, Taipei Fubon Bank, Fubon Bank (Hong Kong), Fubon Bank (China), Fubon Insurance, Fubon Securities and Fubon Asset Management. These subsidiaries ensure that Fubon delivers consistently strong results and remains a market leader. Fubon Financial Holdings has nurtured its presence in Taiwan for more than 60 years, and its brand concept – “Be positive All possible” – reflects its commitment to support those pursuing a better future with positive energy and an unrivaled array of financial services. As of the end of 2024, Fubon Financial Holdings had total assets of NT$12.07trillion, the second highest among financial holding companies, and its market capitalization was the highest in the sector. After-tax net profit totaled NT$150.82 billion in 2024, with earnings per share (EPS) of NT$10.77, the highest in the sector for a 16th consecutive year. The efforts made on sustainability by Fubon Financial Holdings and its subsidiaries have earned widespread recognition internationally. Fubon has been selected as a constituent of the Dow Jones Sustainability Indices’ top index, the DJSI World Index, for eight straight years and to the DJSI Emerging Markets Index for nine years in a row..

Detection and Response: The company detects and responds to cybersecurity incidents through {description_of_detection_and_response_process}.

Common Attack Types: As of now, the company has not encountered any reported incidents involving common cyberattacks.

Identification of Attack Vectors: The company identifies the attack vectors used in incidents through {description_of_identification_process}.

Average Financial Loss: The average financial loss per incident is {average_financial_loss}.

Commonly Compromised Data Types: The types of data most commonly compromised in incidents are {list_of_commonly_compromised_data_types}.

Incident Response Plan: The company's incident response plan is described as {description_of_incident_response_plan}.

Third-Party Assistance: The company involves third-party assistance in incident response through {description_of_third_party_involvement}.

Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: {description_of_prevention_measures}.

Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through {description_of_handling_process}.

Ransom Payment Policy: The company's policy on paying ransoms in ransomware incidents is described as {description_of_ransom_payment_policy}.

Data Recovery from Ransomware: The company recovers data encrypted by ransomware through {description_of_data_recovery_process}.

Regulatory Frameworks: The company complies with the following regulatory frameworks regarding cybersecurity: {list_of_regulatory_frameworks}.

Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through {description_of_compliance_measures}.

Key Lessons Learned: The key lessons learned from past incidents are {list_of_key_lessons_learned}.

Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: {list_of_implemented_recommendations}.

Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at {list_of_additional_resources}.

Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through {description_of_communication_process}.

Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: {description_of_advisories_provided}.

Monitoring and Mitigation of Initial Access Brokers: The company monitors and mitigates the activities of initial access brokers through {description_of_monitoring_and_mitigation_measures}.

Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as {description_of_post_incident_analysis_process}.

Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: {list_of_corrective_actions_taken}.

Ransom Payment History: The company has {paid/not_paid} ransoms in the past.

Last Ransom Demanded: The amount of the last ransom demanded was {last_ransom_amount}.

Last Attacking Group: The attacking group in the last incident was {last_attacking_group}.

Most Recent Incident Detected: The most recent incident detected was on {most_recent_incident_detected_date}.

Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on {most_recent_incident_publicly_disclosed_date}.

Most Recent Incident Resolved: The most recent incident resolved was on {most_recent_incident_resolved_date}.

Highest Financial Loss: The highest financial loss from an incident was {highest_financial_loss}.

Most Significant Data Compromised: The most significant data compromised in an incident was {most_significant_data_compromised}.

Most Significant System Affected: The most significant system affected in an incident was {most_significant_system_affected}.

Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was {third_party_assistance_in_most_recent_incident}.

Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were {containment_measures_in_most_recent_incident}.

Most Sensitive Data Compromised: The most sensitive data compromised in a breach was {most_sensitive_data_compromised}.

Number of Records Exposed: The number of records exposed in the most significant breach was {number_of_records_exposed}.

Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was {highest_ransom_demanded}.

Highest Ransom Paid: The highest ransom paid in a ransomware incident was {highest_ransom_paid}.

Highest Fine Imposed: The highest fine imposed for a regulatory violation was {highest_fine_imposed}.

Most Significant Legal Action: The most significant legal action taken for a regulatory violation was {most_significant_legal_action}.

Most Significant Lesson Learned: The most significant lesson learned from past incidents was {most_significant_lesson_learned}.

Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was {most_significant_recommendation_implemented}.

Most Recent Source: The most recent source of information about an incident is {most_recent_source}.

Most Recent URL for Additional Resources: The most recent URL for additional resources on cybersecurity best practices is {most_recent_url}.

Current Status of Most Recent Investigation: The current status of the most recent investigation is {current_status_of_most_recent_investigation}.

Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was {most_recent_stakeholder_advisory}.

Most Recent Customer Advisory: The most recent customer advisory issued was {most_recent_customer_advisory}.

Most Recent Entry Point: The most recent entry point used by an initial access broker was {most_recent_entry_point}.

Most Recent Reconnaissance Period: The most recent reconnaissance period for an incident was {most_recent_reconnaissance_period}.

Most Significant Root Cause: The most significant root cause identified in post-incident analysis was {most_significant_root_cause}.

Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was {most_significant_corrective_action}.