Customer and employee details account for nearly half of all stolen data

Credit card and password data theft plunges by 64% as companies deploy improved data security measures.

Wednesday, 11th January 2023, by Phil Alsop

Imperva has released its "More Lessons Learned from Analyzing 100 Data Breaches" report, a 12-month analysis by Imperva Threat Research of the trends and threats related to data security. The report finds that personal employee or customer data accounted for nearly half (45%) of all data stolen between July 2021 and June 2022, while companies’ source code and proprietary information accounted for a further 6.7% and 5.6% respectively. More positively, the research found that theft of credit card information and password details dropped by 64% compared to 2021.

 

“It’s very encouraging to see such a decline in stolen credit card data and passwords,” says Terry Ray, SVP and Field CTO at Imperva. “It suggests that more organizations are using basic security tactics such as Multi-factor Authentication (MFA), which makes it much harder for outside cyber attackers to gain the access required to breach data. However, in the long term, PII data is the most valuable to cybercriminals. With enough stolen PII, they can engage in full-on identity theft which is hugely profitable and very difficult to prevent. Credit cards and passwords can be changed the second there is a breach, but when PII is stolen, it can be years before it is weaponized by hackers.”

 

The research also reveals the root causes of data breaches, with social engineering (17%) and unsecured databases (15%) as two of the biggest culprits. Misconfigured applications were only responsible for 2% of data breaches, but businesses should expect this figure to rise in the near future, particularly with cloud-managed infrastructure where configuring for security requires significant expertise. 

 

“It’s really concerning that a third (32%) of data breaches are down to unsecured databases and social engineering attacks, since they’re both straightforward to mitigate,” continues Ray. “A publicly open database dramatically increases the risk of a breach and, all too often, they are left like this not out of a failure of security practices but rather the total absence of any security posture at all.”

 

Imperva Threat Research also identified the six most common oversights that enable data breaches:

 

1. Lack of Multi-factor Authentication (MFA) - There is no good reason why organizations shouldn’t be using MFA as it makes it far harder for an attacker to successfully use stolen credentials to access sensitive information. 

2. Limited visibility into all data repositories - Businesses need a single dashboard solution that can provide insight on a broad range of data security capabilities, including data discovery and classification, monitoring, access control, risk analytics, compliance management, security automation, threat detection, and audit reporting.

3. Poor password policies - Every company should be doing regular employee training sessions on the importance of not duplicating passwords or sharing them with colleagues, partners or vendors.

4. Misconfigured data infrastructures - Each cloud-managed infrastructure is unique, and requires a specific skill set to manage properly. Visibility over all cloud-managed data repositories through a single dashboard eliminates the need to maintain configurations for data visibility.

5. Limited vulnerability protection - A zero-day vulnerability in a popular piece of code can cause security issues for tens of thousands of organizations. Runtime protection secures your applications from vulnerabilities without leaving your application exposed to potential exploitation.

6. Not learning from past data breaches - Organizations should be using machine learning (ML) to do rigorous analyses of anomalous behavior to identify malicious activity. This information can then inform a baseline of typical access for privileged users, send alerts on deviations from that behavior, and keep profiles of how past insiders have breached data.