There have been an exponential increase in the amount and severityof large-scale, well-publicized data breaches. With data breaches occurring regularly, people have become desensitized to them. This isn’t good, since the protection of data has never been more important. Not only are business required to announce that a data breach has occured, they are also obligated to pay fines due to regulations in accordance with GDPR
The seriousness of data breaches has cost some companies their entire business, and the predictions don’t look good: according to reports from Teramind, 231,354 data records are lost or stolen in a 60-minute period.
What is a data breach?
A data breach is a security incident of unauthorized release of private and sensitive information. The most frequent scenario is when a cybercriminal infiltrates a database and compromises sensitive data, whether it’s just merely that data or copying, transmitting or using it in any way. Data breaches can expose personal information, financial information such as credit card numbers from individuals and corporate secrets, their software codes, customers and even intellectual property, as in the major Sony breach.
After a data breach, losses may result from an attacker impersonating someone from the targeted network and his gaining access to otherwise secure networks. If regulatory compliances are violated, the organization suffering the data breach can face legal fines.
Why do data breaches happen?
Data breaches can happen for a number of reasons; targeted attacks can lead to the compromise of identity, money theft, or it can even happen accidentally. Unfortunately, data breaches are mostly performed by cybercriminals. In a classic example, an attacker gains access to a corporate or organization’s private network where he can steal data from employees, or even go further and steal sensitive data from the organization’s database — containing information about customers, manufacturers, product development secrets, etc. A big issue with these kinds of breaches is that the attack and infiltration into the network can go undetected for long periods of time. Sometimes, they never get detected.
Hackers attack every 39 sec, on average 2,244 times a day.
Some data breach and hacking statistics are presented below to help quantify the effects of these attacks.
- Security breaches have increased by 11% since 2018 and 67% since 2014.
- Hackers attack every 39 seconds, on average 2,244 times a day.
- The average time to identify a breach in 2019 was 206 days.
- The average lifecycle of a breach was 314 days (from the breach to containment).
- 500 million consumers, dating back to 2014, had their information compromised in the Marriott-Starwood data breach made public in 2018.
- 64% of Americans have never checked to see if they were affected by a data breach.
- 56% of Americans don’t know what steps to take in the event of a data breach.
- The average cost of a data breach is $3.92 million as of 2019.
- 83% of enterprise workloads will move to the cloud by the year 2020.
- In 2016, 3 billion Yahoo accounts were hacked in one of the biggest breaches of all time.
- In 2016, Uber reported that hackers stole the information of over 57 million riders and drivers.
- Uber tried to pay off hackers to delete the stolen data of 57 million users and keep the breach quiet.
- In 2017, 412 million user accounts were stolen from Friendfinder’s sites.
- In 2017, 147.9 million consumers were affected by the Equifax Breach.
- In 2018, Under Armor reported that its “My Fitness Pal” was hacked, affecting 150 million users.
- 18 Russians, 19 Chinese individuals, 11 Iranians and one North Korean were involved in indictments for their alleged state-sponsored espionage against the United States.
53% of companies had over 1,000 sensitive files open to every employee.