sb-au logo
Story image

Q1 2020 sees more data breaches than ever before

Breaches and leaks of sensitive data on a large scale are becoming more common as the cyberthreats ramp up in 2020, with the number of breached records globally surging by 273% in Q1 2020 compared to the prior-year period.

That’s according to research from Atlas VPN, which also found that a total of 8.4 billion individual documents have been leaked in the first three months of this year alone – many of which were concentrated in 11 specific breaches, in which each breach exposed more than 100 million records.

This huge number of breaches represents a record high for a first-quarter – the only other year which came close was Q1 2017, in which 3.4 billion records were exposed.

For some perspective, the total number of records exposed in the first quarters of the years from 2013 to 2019 totalled to 8.05 billion – meaning that total is still not as high as Q1 2020.

According to the research, the majority of the exposed data originated from a single unprotected ElasticSearch server, from which over 5 billion records were exposed, including emails and passwords from services such as Adobe, Twitter, LinkedIn and Tumblr, among others.

There were 1,196 individual data leaks in Q1 2020, according to publicly available data, of which almost 40% happened in the United States.

However the data may be skewed as the disclosure requirements in the US are strong compared to other countries, meaning thousands of leaks may be happening across the world without being reported.

And even if the leaks are reported, as many as 42.06% do not have an identifiable source – meaning an unsecured cloud or similar servers containing users’ information was discovered, but nobody knows where it came from.

According to the research, 70% of all breaches result from phishing scams. Instances of phishing have skyrocketed in the era of COVID-19, as attackers take advantage of remote workers not having the protection they usually enjoy while on-premise.

Atlas VPN says that the IT sector was the hardest hit in terms of breaches in Q1 2020 – breaches more than doubled when comparing the quarter to the same time in 2019.

Following IT, the manufacturing and healthcare sectors were next on the list of breach increases between years. The healthcare industry is especially vulnerable because of its widespread use of outdated technology, as well as the fact that the industry is underfunded in many countries. 

Reports show that over 56% of devices operating in the health sector are still running on Windows 7, while 27% of medical devices are still operating on Windows XP or decommissioned versions of Linux OS.

Story image
Rate of ransomware attacks in Australia well above global average — report
Over two-thirds (67%) of Australian organisations have suffered a ransomware attack in the last 12 months — 10 percentage points above the global average of 57%.More
Story image
Commvault expands features for Disaster Recovery solution
The solution, which offers disaster recovery automation through a single extensible platform, will now support orchestration to and from on-premises, Azure and AWS.More
Story image
Vectra sets A/NZ channel in sights with new leadership hire
The new international sales VP will be charged with strengthening its MSP programme and growing its channel partner network in the region.More
Story image
The cybersecurity risks that come with re-onshoring Australian manufacturing
As technology such as IoT, robotic process automation (RPA) and artificial intelligence (AI) reshapes the manufacturing landscape, organisations are simultaneously put at an increased risk of a cyberattack.More
Story image
How a vantage point sees threats before they impact
When the focus has been on adversaries that develop increasingly complex and sophisticated attacks, tried and true techniques such as compromised credentials continue to be amongst the most potent weapons.More
Story image
Trend Micro launches cloud native security solution for modern applications and APIs
“Application security is an invaluable part of the Cloud One platform, integrating technology to provide superior protection for customers deploying applications wherever it makes the most sense for them."More