Data Breaches on Track for Record Year

Wednesday, May 24, 2017 @ 04:05 PM gHale

This year is on a pace to be another “worst year on record” for data breach activity, a new report found.

“The trends that drove the extraordinary activity in 2016 are continuing unabated in 2017,” said Inga Goddijn, executive vice president at Risk Based Security, which conducted the survey.

SCADA Security Needs to Step Up: Report
Breach Costs on Rise
SMB ‘Easy Targets’ for Attackers
SharePoint for Vital Data, But is it Safe?

So far this year, there have been over 1,200 breaches and over 3.4 billion records exposed, the researchers said.

“We have seen the return of widespread phishing for W-2 details, large datasets continue to be offered for sale and misconfigured databases remain a thorny problem for IT administrators,” Goddijn said in a post.

Targeting information useful for filing false tax returns is not a new practice and neither is phishing unsuspecting employees in order to obtain valuable information. However, the practice of emulating a trusted party and requesting copies of W-2 forms has clearly become a favorite money making scheme for the first quarter.

One trend came to prominence last year, when more than 60 organizations fell for the specialized phishing scam in Q1 of 2016. Known as Business Email Compromise (BEC), an attacker send an email impersonating a trusted colleague or business partner, requesting either a funds transfer or personal information. Despite the experience in 2016 and warnings from the IRS in January and February of this year, over 200 organizations fell for the scam in first 3 months of 2017.

Another 2016 trend that continued into Q1 2017 is the sale of large datasets. One seller was active this past quarter, offering for sale various username and password combinations gathered from 11 different organizations and impacting a whopping 1.5 billion records in total, researchers said.

Click here to register to download the report.

Leave a Reply

You must be logged in to post a comment.