2018: The Year of the Breach
It seems the more organizations try to plug the holes in their security, the harder it is to stop the flow of sensitive data from gushing out. Whether it’s hackers targeting businesses, or employees and third parties leaving devices and networks open for accidental exposure, data breaches are becoming more prevalent than ever.
According to the identity intelligence company, 4iQ, in 2018, data breaches rose more than 400% over the previous year with almost 15 billion personal records exposed either maliciously or by accident.
Here are some of the top breaches of 2018:
Anti-Public Combo Collections – (Hacked) 1.8 billion unique email addresses
Aadhaar, India – (Open third-party device) 1.1 billion people affected
Marriott Starwood Hotels – (Hacked) 500 million guests PII
Exactis – (Open device) 340 million people and businesses
HuaZhu Group – (Accidental Exposure) 240 million records
Apollo – (Open device) 150 million app users
Quora – (Hacked) 100 million users
Google+ – (API Glitch) 52.2 million users
Chegg – (Hacked) 40 million accounts
Cathay Pacific Airways (Targeted attack) 9.4 million passengers
The report points out that government agencies were fastest growing target, suffering an incident increase of almost 300%. These numbers are startling, but the report covers only those breaches that were spotted and confirmed, not all that occurred, since some breaches were not made public.
Cyber criminals are becoming more sophisticated in their attacks using new technology like AI and automated crawlers to search exposed information for valuable sensitive data. And thanks to human error, cyber criminals don’t have to work as hard anymore since 63% of the records cited in the report were left exposed due to misconfigured or open servers.
Through being aware of all their sensitive data and classifying it properly, organizations can protect their information, and that of their customers, from either malicious attack or accidental exposure. It takes less than a day to ensure that sensitive data is secured. Isn’t that better than years of headaches becoming another exposure statistic?