Real-Time Service Alerts
These 10 SMB Data Breach Statistics Show What a Dangerous World It Is for Your Data
A data breach is a nightmare for any company, and it’s one that more businesses in more industries are having to face today. About 85% of IT professionals foresee a data breach at their organization in the next 12 months. Cybercriminals are hungry for data that they can sell in booming dark web data markets for a hefty profit, spawning an unprecedented increase in data-focused cybercrime that’s rocking organizations of every size in every sector – and it isn’t going to stop anytime soon.
10 SMB Data Breach Statistics You’ve Got to See
- The number of recorded data breaches in 2021 has exceeded the total number of events 2020 by 17%, with 1,291 breaches in 2021 compared to 1,108 breaches in 2020
- More than 60% of breaches result from misused, stolen, or purchased credentials
- An estimated 85% of data breaches involve a human element.
- Phishing is the top threat action that results in a breach
- The number of breaches that involve ransomware has doubled
- 34% of data breaches involve internal actors
- Over 80% of breaches are discovered by external parties.
- An estimated 36% of organizations worldwide had a cloud data breach in the past 12 months
- 74% of organizations in the United States have fallen victim to a successful phishing attack that resulted in a data breach in the last 12 months
- The US is the leader in phishing-related data breaches for 2021 so far, with rates 30% higher than the global average, and 14% higher than the same period in 2020.
The Cost of a Data Breach is Stunning & Remote Workers Make It Worse
In this year’s IBM Cost of a Data Breach Report, researchers determined that the average cost of a breach in 2021 is estimated at $4.2 million per incident, the highest ever recorded in the 17 years of the study.
The cost of a data breach can change significantly depending upon the initial attack vectors including the top three most common: compromised credentials (20% of breaches), phishing (17%) and cloud misconfigurations (15%).
The cost of a breach can be impacted by the type of data stolen or leaked, like customer personally identifiable information – the most frequently breached and the most expensive at $180 per record.
The top country in the world for data breach costs in 2021 (so far) is the US with an average cost of $9.05 million.
Thanks to the hot market for COVID-19 data in 2020, medical data is in second place as the most desirable data to snatch, and healthcare at $9.23 million is the industry with the most expensive data breach costs.
Organizations that operate with 50% remote workers took an average of 316 days to identify and contain a data breach compared to the overall average of 287 days.
Companies supporting a remote or hybrid workforce experienced an increase of up to $1 million more when a data breach occurred, with the highest rates of $4.96 million in comparison to $3.89 million.
A Host of Factors Are Increasing Cloud Data Breaches
Cloud Data Brings Complications
“The State of Cloud Security 2021” asked IT professionals about the circumstances that influence a company’s chance of a possible cloud data breach and these were the factors that they pointed to:
32% say too many APIs and interfaces to govern
31% cite lack of adequate controls and database oversight
27% point to lack of policy awareness around data security
23% blamed old-fashioned negligence
21% said they are not checking Infrastructure as Code (IaC) prior to deployment
20% admitted outright that their IT team oversight is at fault
Booming Dark Web Data Markets Drive Data Theft
Most Prevalent Types of Data Stolen in Breaches
Credentials: 60%
Personally-Identifying Data (PII): 40%
Medical Data: 10%
Bank Data: 10%
Internal Data: 10%
Payment Data: 10%
Source: Verizon Data Breach Investigations Report 2021
Dark Web ID’s Top Threats This Week
Federal Bureau of Investigation (FBI)
https://www.washingtonpost.com/nation/2021/11/14/fbi-hack-email-cyberattack/
Exploit: Account Takeover
Federal Bureau of Investigation (FBI): Federal Government Agency
Risk to Business: 1.417= Severe
A shocking email security breach at the US Federal Bureau of Investigation (FBI) led to the takeover of a user account. The cybercriminals that accomplished the feat were able to use that compromised email account to send tens of thousands of fraudulent emails warning recipients of impending cyberattacks. Messages reached celebrities like Jay Z and journalists including investigative reporter Brian Krebs. The Bureau later confirmed that its Law Enforcement Enterprise Portal (LEEP) was compromised in a cyberattack Friday. FBI officials were quick to stress the fact that the malicious emails originated from an FBI-operated server that was solely dedicated to pushing notifications for LEEP and not part of the FBI’s corporate email service.
Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.
Customers Impacted: Unknown
How It Could Affect Your Business: This incident shows that no organization is immune to a cyberattack, and even the best defenses can fail.
IntegraMSP to the Rescue: Building cyber resilience helps insulate organizations from trouble like this. Learn more about why cyber resilience is the ticket to a safer future for your clients. GET THIS EBOOK>>
West Virginia Parkways Authority
Exploit: Ransomware
West Virginia Parkways Authority: State Government Agency
Risk to Business: 1.822=Severe
A suspected ransomware attack snarled operations at the West Virginia Parkways Authority last Friday. Officials announced that a cyberattack had hit the agency’s internal computer systems, knocking out email, telephones, and various non-critical applications for several hours. According to the statement, no data was extracted or exposed in the incident which only impacted operational technology. Systems have since been restored and the incident is under investigation.
Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.
Customers Impacted: Unknown
How It Could Affect Your Business Using ransomware against infrastructure targets to shut down their operations has become much more common.
IntegraMSP to the Rescue: Learn more about how ransomware is evolving, what we predict that you’ll see next and how to protect your clients in Ransomware Exposed. GET THIS EBOOK>>
Robinhood
Exploit: Phishing (Vishing)
Robinhood: Financial Services Platform
Risk to Business: 1.542=Extreme
Financial services platform Robinhood is in the news again after disclosing a data breach on 11/03. The company blamed the security incident on vishing. Threat actors obtained access to the organization’s customer support systems by obtaining systems access over the phone. This is the same technique that proved successful in the 2020 Twitter hack. According to reports, after accessing the data, the cybercriminals then demanded an extortion payment to keep the data safe. No word on the amount of this demand. The incident is under investigation.
Individual Risk: 1.312=Extreme
The company disclosed that it estimates a total of seven million users are apparently affected by this breach. Threat actors accessed email addresses for five million customers and a separate list of full names for two million customers. Robinhood says that the bad guys gained access to varying levels of user information including in-depth PII including full names, date of birth and zip code for around 310 users, and extensive records for a subset of 10 users.
Customers Impacted: Unknown
How It Could Affect Your Business Vishing threats are popping up more frequently as cybercriminals look to vary their approach to obtaining credentials in unexpected ways.
IntegraMSP to the Rescue: Help your clients build a powerful defense against today’s top cybersecurity threat, phishing, with the knowledge and threat intelligence you’ll gain in our eBook The Phish Files. DOWNLOAD IT>>
Hewlett Packer Enterprise (HPE)
https://www.computerweekly.com/news/252509375/HPEs-Aruba-networking-unit-hit-by-cyber-attack
Exploit: Credential Compromise
Hewlett Packer Enterprise: Business Technology Services
Risk to Business: 1.615= Severe
Hewlett Packer Enterprise (HPE) just informed customers that use its Aruba networking unit that their information may have been exposed in a cyberattack on its Aruba Central cloud environment in late October. The company outlined the incident in a statement to the press “On 2 November, HPE discovered that an access key to data related to the network analytics and contact-tracing features of Aruba Central, our cloud-based network management and monitoring solution, was compromised and used by an external actor to access the environment over a period of 18 days between 9 and 27 October 2021.” HPE went on to specify that the data in question included “identifying device media access control (MAC) addresses, IP addresses, device operating systems type and hostnames, and user names for Wi-FI networks where authentication is used, as well as dates, times, and physical Wi-Fi access points (APs) to which devices connected.” The incident is under investigation
Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.
Customers Impacted: Unknown
How it Could Affect Your Business Cybercriminals will do anything to obtain a legitimate user credential because it gives them the keys to the kingdom, enabling them to do massive damage quickly.
IntegraMSP to the Rescue: Make sure you’re protecting your client’s credentials with strong security. That starts with building strong passwords with our Build Better Passwords eBook. GET IT>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors relted to the assessed breach.