Data breaches – security incidents where user information becomes publically exposed or stolen – are a serious issue for an organisation. The exposure of customer data can lead to a loss of confidence in the organization by its users. Even worse, the organisation could find themselves in violation of data privacy laws or on the receiving end of a lawsuit created by its users.
Following on from Symantec’s analysis on 2012 global data breach trends in the August Symantec Intelligence Report, the November Symantec Intelligence Report examines the types of data that is often stolen during a data breach. It turns out the most commonly stolen information is more personal than you might first expect.
At first glance, what may seem surprising is that a person’s real name is by far the most common item to be stolen in a data breach, where it is obtained 55 percent of the time. This surpasses even usernames and passwords, most commonly used for online identities, which appears within 40 percent of all data breaches. This points to a trend where hackers are targeting locations people go to complete tasks, in contrast to years past where breaches may have occurred with more frequency through message boards or online games. These former hot-spots would have been less likely to include a user’s real name, often only requiring an alias for a user name.
In contrast, more than 80% of data breaches that are occurring this year are with organizations whose Internet presence is secondary to their main business, such as the healthcare and education sectors, where online access to services is often set up as a means of convenience instead of a business front. Viewing a website as an auxiliary service may mean laxer security, making them easier targets for data breaches.
Spammers are using the holidays as a means to entice users to check out the wares they’re peddling, in much the same way they have in years past, and holiday spam is becoming a norm.
Looking at this year’s trends, naturally we see increases in Subject lines surrounding the themes during the lead-up to significant days in the holiday period.
However, the spam messages appear to appeal more to the holiday season in keywords than they do in the body of the message.
Some of the websites that these spam messages lead to appear to pay a little more attention to the details of the season however, with banners that fit the holiday spirit. Sometimes getting a full year’s jump on early shopping.