Personal and employee data is a goldmine for hackers, who are now apparently more focused on obtaining these types of data than any other, new research has claimed.
A report from Imperva analyzing 100 data breach reports published in the last 12 months says personal employee and customer data accounted for almost half (45%) of all data stolen last year.
Cybercriminals are focused on personally identifiable information, Imperva claims, because that data can be used in identity theft (opens in new tab) and similar stage-two attacks. These, says Imperva SVP, Terry Ray, can be “hugely profitable and very difficult to prevent”.
Social engineering and unsecured databases
“Credit cards and passwords can be changed the second there is a breach, but when PII is stolen, it can be years before it is weaponized by hackers,” Ray added.
While often filling headlines, source code and proprietary data theft aren’t that popular, accounting for just 6.7% and 5.6%, respectively. The good news is that businesses had gotten a lot better at protecting payment information and password details, as leaks of this type of data dropped by 64% year-on-year.
Most of the time, data breaches are a result of social engineering (17%) attacks or attacks against unsecured databases (15%). Misconfigured applications accounted for roughly 2% of all data breaches, but businesses expect this format to play a bigger role in the future, mostly due to the rise in cloud-managed infrastructure, whose security configuration requires significant expertise.
For Ray, these results are somewhat surprising as unsecured databases and social engineering attacks are “straightforward to mitigate”.
“A publicly open database dramatically increases the risk of a breach and, all too often, they are left like this not out of a failure of security practices but rather the total absence of any security posture at all.”
Imperva says there are six most common oversights that result in data breaches, including the lack of multi-factor authentication (MFA), limited visibility into all data repositories, poor password policies, misconfigured data infrastructures, limited vulnerability protection, and not learning from past in some way.