Why Data Breaches are Getting More Personal

Why Data Breaches are Getting More Personal

For the longest time, data breaches by hackers were limited to just credit card and financial information. Off late, the trend has shifted towards something far more personal and sinister –personal identities.

Recently, a wealth of private data was breached, including passwords, usernames, home addresses, payment histories, banking details and other related personal identifying information at ClixSense — a website that pays users for filling out online surveys and looking at paid advertisements. In the ClixSense data breach – over the data of over 6million users were compromised.

Last year, at the juncture of a $4.8 billion buyout by Verizon, Internet Company,Yahoo revealed a monstrous data breach, wherein a state-sponsored actor is suspected to have infringed into the organisation’s network and robbed a duplicate of account data pertaining to over 500 million users.

A probe by Yahoo affirmed that in 2014, a data breach exposed data containing usernames, email IDs, contact numbers, dates of birth, passwords, related security questions and answers and much more. The stolen user data is believed to be in the hands of a state-supported role player that is no longer prevalent in the Yahoo network, according to company sources.

The recent examples of data breaches are clearly showing how hackers are shifting their attention to identity theft and why data protection systems have become important.

A published report by Gemalto revealed that for the first two quarters of 2016, identity theft was the primary type of data breach, explaining for over 60 percent of all information infringements, up from over 50 percent in the previous six months. Malevolent unknowns were the leading originators of information infringements, accounting for 65 percent of infringements up from 55 percent in the previous six months.

Image source: Pixabay

The report also stated that the number of infringements and their intensity is likely to grow in the coming days.

The 500 million user data breach at Yahoo has been the largest and biggest so far in the annals of data infringements.

According to analysts at Gemalto, over 60 companies in UK alone have had their data compromised. But experts opine that the number might actually be higher as some organisations are unable to reveal when data infringements take place in their respective companies due to organisational polices.

More and more companies and organisations are increasingly collecting large amounts of consumer data. Simultaneously, online digital activities are also becoming diverse and fertile with colossal amounts of information on what consumers do, who they are, what they like etc. are getting stored, they stand to be a the highest risk of being stolen from the companies that store the data.

However with the forthcoming institution of the General Data Protection Regulation, all lines of work in the EU (or those conducting business in the region) will be expected to announce when they have been infringed. In addition, information would have to be enciphered and protected through sturdy certification techniques; if they refuse to comply then hazarding penalties would be inflicted on erring organisations.

The regulations are expected to come into effect in a short while from now, hence organizations would be well advised to begin the process of robust security about now.

Author Bio: The article is a contribution from DRM Company Locklizard. They provide enterprise level document security management systems. Visit website for more information.