Over 360 million people were affected by data breaches in the first eight months of 2023, according to a study commissioned by Apple. In the US alone, data breaches surged by nearly 20 percent in the first nine months of 2023 compared to all of 2022.
The study, by Stuart E. Madnick, Professor Emeritus of Information Technology at MIT, described data breaches as “an epidemic, threatening sensitive and personal consumer data the world over.”
“The total number of data breaches more than tripled between 2013 and 2022 — exposing 2.6 billion personal records in the past two years alone — and has continued to get worse in 2023,” the report said.
The report also highlighted a 70 percent increase in ransomware attacks and the alarming use of generative artificial intelligence by cybercriminals in 2023. The United States remains a top target for cybercriminals, and the current defenses may not be enough. “For US organizations, data breaches are now at an all-time high,” the report said.
“While organizations acknowledge these threats and pour resources into defending against them, inventive hackers have shown that they will continue to find ways to bypass security measures. And as long as organizations keep collecting troves of unencrypted personal data, hackers are motivated to keep finding new ways to get it.”
Meanwhile, a report by the Mozilla Foundation, published in October, revealed that organizations are harvesting more personal data than ever, and some are storing it on vulnerable cloud systems.
Data Breaches are a Global ‘Epidemic’
There was an increase in the number and severity of data breaches and ransomware attacks in 2023, Apple’s report said.
“We assess that ransomware attacks targeting US networks will increase in the near- and long-terms. Cybercriminals have developed effective business models to increase their financial gain, likelihood of success, and anonymity,” US Secretary of Homeland Security Alejandro Mayorkas said.
This year also saw a nearly 70% uptick in ransomware attacks, including double extortion tactics. These attacks have become more frequent and sophisticated, targeting sensitive sectors with potentially devastating consequences.
“Moreover, as organizations have been able to retrieve their customer data through backups and other countermeasures, hackers are becoming more aggressive,” increasingly leaking stolen data on the dark web, the report added.
One significant factor contributing to this rise in breaches is the exploitation of third-party vendors. Up to 98% of organizations work with vendors who have experienced a data breach in the past two years, the report said. And over 80% of these breaches involved cloud-stored data.
“Because cloud services are based on new technology, many organizations’ technical staffs may not be familiar with all the settings and procedures needed to secure the data,” the report explained.
Fortifying Your Defenses to Prevent Breaches
Apple recommends keeping personal data safe, employing end-to-end encryption measures, and thoroughly inspecting the weakest link in a system to combat these alarming trends effectively. A critical step involves limiting the amount of readable personal data in storage and implementing powerful end-to-end encryption measures.
This approach is exemplified by innovations such as Apple’s iCloud Advanced Data Protection, which offers a higher level of data security through comprehensive encryption strategies, the report noted.
It is also key to enhance cloud security practices to prevent cloud misconfigurations, the report said. Organizations must also be vigilant about the security protocols of their vendors, considering the increased risk of breaches through third-party services.
For individuals, we recommend practicing proper cyber hygiene and using cybersecurity tools like a solid virtual private network (VPN) like NordVPN and antivirus software to protect your privacy.
For more news, follow us on X (Twitter), Threads, and Mastodon!
