Breaches are up by 78%
Were You Caught Up in a Breach Last Year?
If you’re a US resident, you were likely affected by a data breach last year. Despite a global decline in breaches in 2023, the US saw a significant increase. Surfshark reported that the number of breaches in the US tripled. The Identity Theft Resource Center (ITRC) also noted a 78% increase in reported data compromises compared to the previous year.
Notable breaches last year included:
T-Mobile: Affected 37 million accounts, exposing names, emails, phone numbers, billing addresses, and birth dates.
Xfinity: Nearly all its customers (~36 million) had account usernames, passwords, and security question answers exposed.
PeopleConnect, Inc.: Impacted 20 million Instant Checkmate and TruthFinder customers, exposing names, hashed passwords, email addresses, and phone numbers.
2024 Data Breach Outlook
According to TechCrunch, the worst data breaches of 2024 have already surpassed 1 billion stolen records. Significant breaches include:
Ticketmaster: Potentially impacted 560 million users, although the company claims the number is closer to 1,000.
Dell: Experienced a breach affecting 49 million customers globally.
City of Baltimore: Accidentally exposed a database containing identities of residents who reported crimes.
Reasons Behind the Surge in Breaches
There’s three core reasons for the surge:
Ransomware Evolution: Ransomware groups now steal data to increase ransom payment pressure.
Cloud Data Vulnerabilities: Many organizations store data in the cloud without proper security measures. IBM found that 82% of breaches last year involved cloud data.
Vendor Vulnerabilities: Organizations often rely on vendors with access to their systems. These vendors may have weaker cybersecurity, providing an entry point for criminals.
How to Know If You Were in a Data Breach
The easiest way to know if you were exposed in a data breach is through notifications from affected organizations. Additionally, you can check HaveIBeenPwned to see if your data was compromised and to receive notifications of future breaches.
Steps to Take If You Were In a Breach
The response to a breach depends on the compromised data type:
Login details: Change passwords for the affected account and any other accounts using the same password. Enable multi-factor authentication.
Credit card information: Immediately contact your bank.
Social Security Number: Report the incident to the FTC and freeze your credit with each credit bureau.
Other data: Be vigilant about potential scams using the stolen information.
No Such Thing As “Harmless Data Exposure”
Even seemingly harmless data like your email address can be problematic. Exposed data can be compiled over time to create detailed profiles on you. Cybercriminals merge data from new and old breaches, enhancing their datasets for malicious use, such as phishing campaigns.
“Fence Your Data” to Avoid Breaches
While it's challenging to ensure your data is never breached, you can take steps to minimize the risk:
Avoid signing up for loyalty programs.
Skip filling out optional fields on forms.
Limit sharing your Social Security Number.
Be cautious with personal information on blogs, social media, and forums.
Delete Unnecessary Data
You can still take action even if you’ve previously overshared. State laws may allow you to delete your information and opt out of data sales. Additionally, delete unnecessary online accounts and uninstall unused apps to reduce data exposure.
By staying informed and proactive, you can better protect your personal information in an increasingly digital world.
The only thing worst than having your personal information stolen in a breach is to be a business owner who caused it. Don’t sleep on Cybersecurity just because you’re not a multi-billion dollar corporation! We are experts in the field and can protect your company. Click to Call or Email us to schedule a meeting.