ForgeRock, the global digital identity specialist, has announced findings from its 2022 Consumer Identity Breach Report, revealing an unprecedented 297% surge in breaches caused primarily by security issues associated with supply chain and third-party suppliers, and representing almost 25% of all breaches.
The report also found unauthorised access was the leading cause of breaches for the fourth consecutive year, steadily increasing to account for 50% of all records compromised during 2021.
The report underscores the fact that cyber criminals continue to find new methods of attack across industries and geographies, and the cost of breaches also continues to grow, with the price of remediation from a breach climbing annually at a consistent and rapid pace.
ForgeRock CEO Fran Rosch says, “This is no time for security teams to let their guard down as cyber criminals are getting even more bold in how they score their next payday.
"Exploits that target peoples usernames and passwords to break into organisations are becoming more sophisticated. Now more than ever, companies need to adopt digital identity and access management solutions that strengthen their security posture without compromising the user experience.
ForgeRock also discovered that 60% of all records breached in 2021 included either Social Security Numbers, dates of birth, or both, nearly doubling since last year. The report found that as ecommerce sites and applications increasingly strive for an effortless user experience to differentiate from the competition, they often omit security features.
When massive amounts of personal data are poorly protected, this leads to creating the perfect conditions for breaches and subsequent fraud.
Phil Walsh, ForgeRock regional vice president for Australia and New Zealand, commented on the findings, highlighting the importance of cybersecurity that factors in how threats are evolving.
He says, “In the past few years, Australians have become more digitally enabled than ever before. With technology continuing to bridge the gap between online and offline, supporting increasingly remote workforces, we can expect to see the uptake of digital services continue.
"With digitisation increasing in the past year, The Australian Government has increased opportunities for Australian businesses to invest more in cybersecurity, with spend skyrocketing. As a result, we are seeing a downturn in breach activity, as security continues to be priority number one.
"But despite this downturn, incidents are still high if we compare them to pre-pandemic numbers and there is still capacity to build greater cybersecurity education and protections, especially as human error continues to dominate the causation of breaches."
Walsh concludes, "Looking ahead, what these findings tell us is that Australia is preparing for a greater digital future with the help of cybersecurity technology. As we continue to invest further into solutions like AI, we can expect to see greater bolstering of security protections against malicious actors.