2018: The Year of the Breach

2018: The Year of the Breach

It seems the more organizations try to plug the holes in their security, the harder it is to stop the flow of sensitive data from gushing out. Whether it’s hackers targeting businesses, or employees and third parties leaving devices and networks open for accidental exposure, data breaches are becoming more prevalent than ever.

According to the identity intelligence company, 4iQ, in 2018, data breaches rose more than 400% over the previous year with almost 15 billion personal records exposed either maliciously or by accident.

Here are some of the top breaches of 2018:

Anti-Public Combo Collections – (Hacked) 1.8 billion unique email addresses

Aadhaar, India – (Open third-party device) 1.1 billion people affected

Marriott Starwood Hotels – (Hacked) 500 million guests PII

Exactis – (Open device) 340 million people and businesses

HuaZhu Group – (Accidental Exposure) 240 million records

Apollo – (Open device) 150 million app users

Quora – (Hacked) 100 million users

Google+ – (API Glitch) 52.2 million users

Chegg – (Hacked) 40 million accounts

Cathay Pacific Airways (Targeted attack) 9.4 million passengers

The report points out that government agencies were fastest growing target, suffering an incident increase of almost 300%. These numbers are startling, but the report covers only those breaches that were spotted and confirmed, not all that occurred, since some breaches were not made public.

Cyber criminals are becoming more sophisticated in their attacks using new technology like AI and automated crawlers to search exposed information for valuable sensitive data. And thanks to human error, cyber criminals don’t have to work as hard anymore since 63% of the records cited in the report were left exposed due to misconfigured or open servers.

Through being aware of all their sensitive data and classifying it properly, organizations can protect their information, and that of their customers, from either malicious attack or accidental exposure. It takes less than a day to ensure that sensitive data is secured. Isn’t that better than years of headaches becoming another exposure statistic?