Arabic Arabic Chinese (Simplified) Chinese (Simplified) Dutch Dutch English English French French German German Italian Italian Portuguese Portuguese Russian Russian Spanish Spanish
0

Data breaches see slight decline after record year in 2021 | #malware | #ransomware | #hacking | #aihp


“Identity-related employment benefits fraud, never much of a problem prior to the pandemic, shot to the top of the list for most reported — and most costly — government benefits fraud,” said Eva C. Velasquez, president and CEO of the resource center.

“Rather than take control of existing financial accounts as in years past, identity criminals preferred to open new accounts using personal information stolen in data breaches or collected from individuals tricked into sharing information with criminals.”

Eva Velasquez, president and CEO of Identity Theft Resource Center

Eva Velasquez, president and CEO of Identity Theft Resource Center

An estimated 87% of data compromises in the first half of this year were due to cyberattacks.

“Ransomware attacks declined quarter-over-quarter for the first time since ransomware surpassed malware as the number two primary cause of data breaches in 2019,” according to the report.

Data compromises 2016-2022    
Year Compromises Victims
2022 ( January-June) 817 53.4 million
2021 1,862 298.1 million
2020 1,108 310.2 million
2019 1,279 883.6 million
2018 1,175 2.2 billion
2017 1,506 1.8 billion
2016 1,088 2.5 billion
Source: Publicly-reported data compromises compiled by the Identity Theft Resource Center  

Ransomware is a type of malicious software that hackers use to infect a computer network, locking out the owner by encrypting the data. The hacker demands money in exchange for a key to restore access and agreeing not to publicly release or destroy stolen data. Two prominent ransomware attacks in 2021 disrupted operations of Colonial Pipeline Co. and meatpacker JBS.

Explore5 experts: Cybercriminals want your data and ransom money

“Security researchers speculate that the sudden decline in ransomware attacks is due to a combination of factors, including the ongoing conflict in Ukraine and the collapse of cryptocurrencies favored by cybercriminals,” the report said.

Phishing, which is a fraudulent email or website masquerading as a legitimate business or person, remained the top root cause of data compromises in the first half.

Lax security protocols, and stolen personal information like logins and passwords obtained through phishing or available on the dark web allow cybercriminals to make their way into computers.

ExploreThieves stealing passwords can get ‘keys to the kingdom’

Data compromises in the first half included 802 breaches, where information was removed or misused. Ten cases were data exposures, where data was unsecured but there is no indication information was accessed, copied or removed. The type of compromise was unknown for five incidents.

Supply chain attacks continue to be favored by cybercriminals, the report said. These are hacks that start with one company but give hackers access to data or the ability to spread malicious code to customers of the original target company.

ExploreCybercriminals make eye-popping ransom demands

Supply chain attacks on 44 companies impacted 367 entities and 4.1 million individuals in the first half, the report said. In 10 cases the original attack occurred in 2020 or 2021.

One of those companies hit in 2022 was Illuminate Education, a California-based student-tracking software firm. So far 234 entities and 201,586 victims reported being impacted. But but the resource center said data is still being collected and it is believed that the cyberattack affected more than 600 school districts.

“Our research shows that most people who receive a data breach notice struggle to understand what it means or what to do to protect themselves,” Velasquez, said. “Supply chain attacks are even more complicated as the organization that was attacked and the entity that owned the data figure out who is responsible for issuing a notice or if one is required.”

Cybersecurity best practices
Employee cybersecurity awareness training
Install firewall and anti-virus software
Replace equipment and software that is out-of-date
Install security patches and updates immediately
Do frequent and duplicative backups
Have a written cyberattack response plan
Install virtual private network
Scan emails before they go to employees
Change passwords frequently
Use multi-factor authentication

Follow @LynnHulseyDDN on Twitter and Facebook

ExploreSee more stories by Lynn Hulsey
ExploreJob growth, moderating inflation spur hope amid recession fears
ExploreWhat experts saying: How is the economy doing?
ExploreFired Dayton employee RoShawn Winburn won’t go to prison after sentence changed
ExplorePHOTOS: Scenes from the Montgomery County Fair
ExploreNew Dayton region economic development strategy brings federal funding opportunities


Click Here For The Original Source.


————————————————————————————-

Translate

Arabic Arabic Chinese (Simplified) Chinese (Simplified) Dutch Dutch English English French French German German Italian Italian Portuguese Portuguese Russian Russian Spanish Spanish