If U.S. corporations want to avoid costly data breach lawsuits in the future, they need to make cybersecurity a top priority.
A new report by Risk Based Security shows data breaches are not only growing at an alarming rate, it also shows the number of consumer records stolen from improperly secured networks is on the rise as well.
In its 2019 Midyear Quickview Data Breach Report, Risked Based Security says that 2019 is on track to being the “worst year on record” for breach activity.
According to the report, the number of data breaches is already up by 54% over last year, with half the year left to go. The number of records exposed in those breaches is up by 52%. More than 3,800 data breaches were reported in the first half of the year, exposing 4.1 billion records and compromising consumers’ personal and financial information.
More than 3.2 billion records (80% of the total records) were exposed in just eight of the data breaches reported in the first half of the year.
Two-thirds of the breaches and 85% of the stolen data occurred in the business sector, including the financial industry, where networks store some of the most sensitive — and to cyberthieves, valuable — consumer information.
Email addresses and passwords remain high-value targets for hackers. Risk Based Security reports that that emails account for 70% of the data compromised so far this year. Passwords account for about 64%.
The largest breach occurred on the computer systems of Verifications.io, a company that approves or verifies email addresses for third parties. That breach occurred because the company had an unsecured database that could be accessed by just about anyone. The result: nearly 1 billion million names, emails, and other personally identifiable information were compromised.
The second-largest breach so far in 2019 affected First American Financial, a leading provider of title insurance and settlement services to the real estate and mortgage industries. A design defect in a production application used by the company exposed 885 million digitized records containing bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and driver’s license images. The flaw allowed anyone with a web browser and no hacking skills to easily and instantly access First American’s consumer records.
“Quarter after quarter the pattern has repeated itself,” said Inga Goddijn, executive vice president and head of Cyber Risk Analytics at Risk Based Security. “The vast majority of incidents are attributable to malicious actors outside an organization. Unauthorized access of systems or services, skimmers and exposure of sensitive data on the Internet have been the top three breach types since January of 2018.”
Both accidental and malicious insider actions, however, also account for the escalating number of data exposures, Ms. Goddijn said.
Beasley Allen lawyer Archie Grubb is looking into cases where consumers may be at risk related to data breaches. If you feel you might have a claim, he would like to talk with you.
Additional source: 24/7 Wall Street