According to Bitdefender experts, 2020 is well on the way to becoming the record year of data leaks. Thanks to Corona and a lot of home office, cyber criminals have a much easier game than in previous years.
The year is only half over, but 2020 is already preparing to set a new record in terms of data breaches. The year always got off to a difficult start. Corona has largely turned life inside out in all countries of the world - the perfect starting point for all cyber criminals. Countless companies have fallen victim to data theft, from health insurance companies to tech and software companies to social networks and caterers.
So far this year around 16 billion data records have been reported as being accessible. According to information from IT security experts, 2020 billion insufficiently secured data records were recorded in the first quarter of 8,4 alone; that represents an increase of 273% compared to 2019. There were “only” 4,1 billion data records in the first half of the year.
Billions of records are badly secured
Compared to 2019, the number of officially reported data leaks fell by 1% in the first quarter of 2020, but the corona pandemic gave hackers a new boost. Phishing campaigns flourished as more and more people “locked themselves” in at home, and social engineering tricks hit millions of Internet users.
Unfortunately, the astounding decline in reported data breaches is nothing to celebrate. Due to the chaos that the corona pandemic evoked in many places, many data breaches were not reported or reported late.
The final sharp increase in the number of data records disclosed is due to a gigantic security incident: a misconfigured ElasticSearch cluster that exposed more than 5 billion data records, including hash value types, the date of the data leak, passwords, email Addresses, email domains, and sources of data leaks.
Towards the middle of the year, more and more data breaches were reported. We would like to briefly highlight a few notable ones:
Partner exchanges
The data of millions of dating app users was stolen, resulting in numerous targeted attacks and blackmail attempts. In May, 3,7 million records were stolen from the MobiFriends app, including dates of birth, gender, online activity, cell phone numbers, usernames, email addresses and passwords hashed with MD5.
According to the latest findings, a total of 845 GB of sensitive data has also leaked from other dating apps, including around 20 million files with photos, user names and financial transaction data.
Travel industry
In March, Marriott confirmed a security incident in which the personal information of 5,2 million guests was disclosed. According to the company, there is “no reason” to believe that bank details or credit card numbers have been stolen, but the attackers have intercepted travel details, names, addresses and loyalty program details.
EasyJet reported an attack on May 9th in which personal data was stolen from 9 million customers. Although only 2208 credit card details were stolen, the stolen travel data is an excellent basis for targeted phishing attempts.
Telecommunications
At Virgin Media, a database containing information on 900.000 customers had been left unsecured for a period of 10 months.The data breach was not a result of a cyber attack, but anyone who would have stumbled upon the database during this time would have names, phone numbers, e Being able to see the mail addresses and postal addresses of the customers.
Health services
In 2020, cyber criminals will increasingly target healthcare targets. Corona research institutions in particular are repeatedly falling victim to ransomware attacks. Over 100 incidents were reported in the first quarter, affecting data on more than 2,5 million people. Patient data is traded high on the darknet and an increase in identity theft in healthcare is expected in the future.
More data leaks
Personal data is simply not safe online. Most internet users are unaware of the value of their data, but the attackers are. According to the US University of Maryland, an attack takes place every 39 seconds.
Trading stolen data on the Darknet has become a lucrative business area that generates millions. In the USA e.g. For example, according to a 2017 study, a new victim of identity theft is found every 2 seconds.
Certain data leaks pose an increased risk for the victims, but even with apparently irrelevant data, cunning attackers can be surprisingly messy. Human error is still a major factor in data breaches. Even if your data is still secure at the moment, it is often only a matter of time.
We are all part of the digital world and we cannot always trust companies to adequately secure our data. So focus on ways to minimize the impact of potential data breaches.
Install security software on all of your Internet-enabled devices, and do not use the same password for multiple online accounts. Avoid revealing too much about yourself on social networks and be on the lookout for phishing emails and unsolicited messages via SMS or other messaging services.
More on this at Bitdefender.com
About Bitdefender Bitdefender is a leading global provider of cybersecurity solutions and antivirus software, protecting over 500 million systems in more than 150 countries. Since it was founded in 2001, the company's innovations have consistently ensured excellent security products and intelligent protection for devices, networks and cloud services for private customers and companies. As the supplier of choice, Bitdefender technology is found in 38 percent of security solutions deployed around the world and is trusted and recognized by industry experts, manufacturers and customers alike. www.bitdefender.de