Data from the first quarter of 2021 showed an increased frequency of data breaches and compromised personal information.
The annual report from the Identity Theft Resource Center (ITRC) indicates the number of individuals with some form of personal data leaked online increased by 546% from the last quarter of 2020 to the first of 2021. And no, that percentage is not a typo.
This may not surprise industry experts, but the lack of reaction in the public at large does seem troubling. Many people have already been told that the likelihood of their personal information—phone number, email address, passwords—being on the dark web, or anywhere online, is astronomically high due to large-scale breaches like the ones at Facebook or T-Mobile—but the collective reaction seems minimal.
This is likely because individuals feel they have no control over the large-scale breaches, but also because they aren’t sure what actions they can personally take to alleviate some of the worries around identity theft and compromised credentials.
It’s also crucial to note that hackers and data miners aren’t targeting individuals; they target companies and take all the data they can get from within the organization’s system. This is a spark that can cause a daisy chain of issues for the employees as well as the company itself. Depending on the organizational security, this could happen before the enterprise even realizes there has been a breach.
This is an example of what many reports have indicated in the last years: that one of the largest issues looming in cybersecurity is weak passwords and already-compromised credentials. On top of this, password reuse is a bad habit that nearly 80% of individuals engage in, making it even easier for hackers to attack companies, but successfully retreat with employee’s personal data as bounty.
Fortunately, there are defensive solutions that organizations of any size can take to help protect themselves from an attack and improve the state of their cyber hygiene. Monitoring user passwords and comparing them to an ever-evolving blacklist of compromised passwords is one of the most high-impact, yet user-friendly solutions to password-related security breaches. Credential screening, along with other guidelines outlined by NIST, can be an excellent jumping-off point for those looking to bolster their security, both personal and organizational.