I wasn't talking about European financial companies - they're actually pretty decent at security because European financial regulators actually have teeth, and the internal platforms for a Deustche Bank or BNP Paribas are fairly forward facing (or at least as forward facing as very large and old conglomerates can be).
The companies I'd be worried about are outside the financial sector. I know it's all anecdotal so we're just randos on the internet yelling at each other, but actual enforcement of European data and security regulations (outside of the financial sector) are minimal, and more critically, very basic platform security practices haven't percolated.
That said, I can safely say that Equifax has completely revamped their infra to prevent a leak like the one they previously faced. They had a complete rearchitecture and heads rolled.
And I'm not talking about financial sector exclusively either. All sorts of companies, even centuries old ones, are taking security seriously and even if there often is lots of legacy stuff, there's no material differences with Indonesian or American or Brazilian companies
The companies I'd be worried about are outside the financial sector. I know it's all anecdotal so we're just randos on the internet yelling at each other, but actual enforcement of European data and security regulations (outside of the financial sector) are minimal, and more critically, very basic platform security practices haven't percolated.
That said, I can safely say that Equifax has completely revamped their infra to prevent a leak like the one they previously faced. They had a complete rearchitecture and heads rolled.