Year-over-year data breaches are an increasing cause for concern. From 2016 to 2018, data breaches increased by more than 50%. And while 2017 endured the highest number of breaches on record, the incidents in 2018 reached a larger scale and caused unprecedented concern due to the caliber of organizations affected.
Most notably, the breaches that plagued Facebook, Marriott, and Under Armour collectively touched hundreds of millions of people and revealed personally identifiable information (PII) like:
- Email addresses
- Physical addresses
- Passwords
- Credit card numbers
- Passport data
For this reason, data breaches are often the incidents that make headlines and bring awareness to cybercrime. And, while data breaches will continue to be a concern in 2019, its quiet cousin, data exposure, could be the larger problem in the new year.
Data Exposure vs. Data Breaches
Though the two occurrences have relatively similar consequences, data exposure and data breaches are two different topics. Last year, more than 40% of cybersecurity incidents were classified as leaks (where data was exposed) as opposed to breaches, which makes it important to separate the two terms that are often bundled as one.
Data Breaches
Breaches occur when a hacker exploits a vulnerability to extract data. These incidents require skill and technology to execute, which makes them less common than data exposure incidents.
Data Exposure
Data exposure (or data leaks) are a result of human error. These instances are usually a combination of lackluster security and laziness which creates data vulnerability.
By the Numbers
Just how widespread is the problem? Consider the following statistics:
- The number of total records leaked increased by 133% between 2017 and 2018.
- The equivalent to 291 records were stolen or exposed every single second in the first half of 2018.
- According to haveibeenpwned.com, a total of 5.6 billion accounts have been compromised due to leaked data.
The mass influx of data exposure leads to real-life consequences. According to Gemalto’s Data Breaches and Consumer Loyalty report, consumers whose personal data has been exposed fall victim of:
The mass influx of data exposure leads to real-life consequences. According to Gemalto’s Data Breaches and Consumer Loyalty report, consumers whose personal data has been exposed fall victim of:
- Fraudulent use of financial information (21%)
- Fraudulent use of their personal details (15%)
- Identity theft (14%)
The Repercussions of Data Breaches vs. Data Exposure
In all states, the law requires that a company must disclose data breaches. Data leaks, on the other hand, are a bit of a legal grey area. Consumers might not always know when their information has been compromised, giving them a false sense of security and an unfair playing field when it comes to mitigating damages.
How to Limit Data Exposure
As more companies require personal information to access their services, consumers must be aware of the dangers.
Stay Aware
Each time you sign up for a new product or service, take the time to read terms of service agreements to see who has access to your data. Keep abreast of data breaches and continually monitor your accounts to ensure they haven’t been breached.
Push for Legal Change
Advocate for data policies like the GDPR in California will help consumers have a better understanding of how companies collect and disclose data so that consumers will have a better idea of how and when their data is exposed. Though legal action will take time, it’s important to monitor and support so we can have protection in the future.
Continue Personal Security Practices
Additionally, according to TechCrunch, exposed databases and user data can be easily found, yet are entirely preventable — often simply by setting a password.
As such, one of the best ways to protect yourself is through proper password creation and management. Whether that means personally ensuring you’re not breaking one of the password creation rules, or ensuring you’re implementing proper password policies at your organization, zeroing in on password protection should be a resolution for everyone this year.
If you’re ready to take action, and protect yourself from data exposure, access a free trial of EZPD and see how password generation and regeneration can work for you.