Databreach – 2020 : worst year on record
Risk Based Security, a global leader in vunerability intelligence, breach data and risk ratings, revealed that the number of records exposed in 2020 is close to 36 billion.
There were actually 2,953 publicly reported breaches in the first three quarters of 2020. The third quarter added 8.3 billion records to what was already the « worst year on record ».
1/ What type of data is breached ?
Names, email adresses and passwords are the most exposed data types of the year.
2/ Who is breached ?
The Health Care sector was the most affected by the breaches this year.
Hospitals are easy targets to hackers. In fact, their datas are a life and death matter. So, when attacked by hackers using ransomwares, they can’t choose to not pay the ransom. The breaches can also come from healthcare professionals with files missing or curious staff on high-profile patients.
In January, Microsoft reveled a data breach resulting from a change made to the database’s network security group that contained misconfirgured security rules thant enabled exposure off the data. About 250 million records were affected by this breach.
3/ Where were breaches reported ?
The US are the most targeted country on breaches reported.
4/ Coronavirus and teleworking:
The covid-19 pandemic has changed the world of technology and the way we work. Indeed, people all over the world have started to work from home with their computers, making the cyber security sector deeply affected.
Cyber criminals have started to target these workers who mostly don’t know about cyber security.
Zoom is the biggest example of this trend. Download more than 50 milion times from the Google Play app store, Zoom is most popular videoconferencing application. Fake sites have been identified, which are impersonating Zoom domains in order to steal personal information.
In my opinion, companies have to take cybersecurity seriously and train all their workers to IT risks and personal data management. With the growing trend of working from home, cybersecurity is not only a matter of Legal and IT sectors.
All workers can have an impact to protect their companies and clients databases. The use, for example, of auto-generated passwords with a password manager using an encrypted database is the kind of thing that everybody can do.
In our field, one of the most important things to do is to be committed to a secured database (with encrypted datas and passwords). The security of our user’s datas is the priority.