Breach Data Highlights a Pivot to Orgs Over Individuals
Posted January 28, 2021
- Both the number of data breaches and the number of individuals affected by data breaches plummeted in 2020, as attackers moved away from collecting mass amounts of information and instead targeted user credentials as a way to infiltrate corporate networks to install ransomware.
- Because more than half of workers shifted to remote work during the year, many expected data breaches to increase, but instead cybercriminals became more focusedBecause more than half of workers shifted to remote work during the year, many expected data breaches to increase, but instead cybercriminals became more focused.
- “What [cybercriminals] are really looking for, and this is reflected in the value you see in the identity marketplace, … is credentials,” James Lee (ITRC) says. “They know that most people reuse passwords, so even a personal compromise, they know, can lead them to a corporate setting, the ability to get into a company.”
- Supply chain attacks have become more popular, with more than 668 companies affected by attacks on third-party providers.
- In a worrisome trend, the US government is reducing the support for identity-theft victim assistance; in fact, no federal funds have been specifically reserved for such assistance in the current fiscal year.
– Robert Lemos | January 28, 2021