According to research by Risk Based Security, reports of data breaches are down by over 50 percent for the first half of 2020. Great news, right? Well, not completely. The research also found that while the number of reported data breaches are down, the number of records exposed is more than four times higher than any previously reported time period.
According to the research, there were 2,037 publicly reported breaches from January 1 through the end of June, which accounts for a 52 percent decrease compared to the first six months of 2019. By mid-year 2019, there had been 4,298 breaches reported. In terms of the number of records breached, the researchers found that over 27 billion records were exposed in the first half of 2020, exceeding the total number of records exposed during all of 2019 by more than 12 billion records.
The main cause of data breaches in the first half of 2020 comes as no surprise: misconfigured databases and services.
Many researchers in the information security field surmise that reported breaches are down, but the number of actual data breaches has not decreased. In fact, many researchers argue that the number of incidents has increased due to the vulnerabilities associated with working from home. It is unclear whether incidents are indeed going unreported, have yet to be detected, or some combination of the two. Only time will tell…
Meanwhile, as if in direct contradiction to reports of decreasing data breaches, news of another massive data breach looms in the headlines. This week, security researchers at Comparitech disclosed that Social Data, a company that sells data on social media influencers to marketers, has exposed a database of nearly 235 million social media profiles from Youtube, TikTok, and Instagram without a password or any other authentication.
The exposed data includes names, contact info, personal info, images, and statistics about followers. And while this information was technically scraped from publicly available information on social media sites, having the information stored in this database makes it vulnerable to spam marketing and phishing campaigns.
If you are concerned about preventing misconfigurations that lead to data breaches, please know that DivvyCloud can help. Read more about misconfigurations, learn how DIvvyCloud can fix a misconfiguration with our automated remediation, or get in touch with us today.