Last year was complicated in terms of data protection for companies and public organizations, which frequently faced numerous security incidents. According to data published by a cybersecurity firm, in 2019 data breach incidents increased by 280% compared to the figures collected in 2018, representing the exposure of over 15 billion records worldwide.
These figures were revealed by Risk Based Security in its annual report on data breach incidents. Regarding the report, Inga Goddijn, vice president of the company, mentioned: “These figures are daunting, although it should be noted that it is not all bad news. A remarkable fact is that the number of incidents in which sensitive data exposure was not completed increased to 22.5% of the total reported data breaches.” In other words, Goddijn claims that the number of people exposed by these incidents was reduced in relation to the figures recorded in 2018.
Another indicator of noteworthy activity is the increase in data breach incidents during the last quarter of each year. In 2019, more than 7.2 billion records were exposed during October, November and December, as data protection experts mentioned.
Regarding the root causes of these incidents, the shaming first place still belongs to the databases exposed by the IT staff of the organizations’ oversights, which leaves them available to anyone who knows where to look for this information.
On the other hand, Goddijn mentions that the interest of threat actors in finding this information exposed has not diminished in the least, as these records represent constant revenue for groups of threat actors seeking to sell these bases data or even carry out some variants of attack against exposed users.
However, she states that organizations are working to adopt best information security and data protection practices: “The number of companies experiencing consecutive data security incidents is actually low, so experience is a fundamental factor. Still, we believe these incidents will continue to be a headache for the cybersecurity world in the coming years,” Goddijn concluded.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.