International. Data breaches exposing millions of personal records are becoming the new normal. Data breaches hit an all-time high, rising by 492% to a record 27 billion in the first half of 2020.
Data acquired by Atlas VPN revealed a total of 2,037 publicly reported breaches in the first half of 2020. Compared to the same period last year, the number of records leaked through June 30 grew nearly sixfold from 4.7 billion to more than 27 billion records. .
The number of records exposed in the first half of 2020 is 12 billion more than the total number of records leaked during the whole of 2019. In addition, it is more than four times greater than any six-month period between 2013 and 2020.
It was revealed that misconfigured databases and services were the main cause of the increasing number of data leaks. Incorrect configuration can leave entire databases open and freely accessible to anyone, which can consequently lead to bad actors taking advantage of sensitive data.
In contrast to the growing number of leaked records, the number of data breaches in the first half of 2020 plummeted by 52%. However, the drop in data breaches is more likely to result from late disclosure of events than from the actual decrease in the number of breaches that occur.
The study by cyber risk professionals at Risk Based Security found that the rate of breach reports decreased at the beginning of the pandemic and has not increased since.
The figures are based on research by Risk Based Security's cyber risk analysis team that analyzed publicly disclosed data breaches reported between January 1, 2020 and June 30, 2020. The study also contains data on reported breaches from previous years dating back to 2013.
Email addresses are more likely to be leaked
Breaches in the first half of this year exposed a number of highly sensitive personal data ranging from email addresses to social security numbers to credit card details. People who tend to reuse the same email addresses and passwords on different platforms should be especially careful, as these credentials are among the most commonly exposed types of data.
Emails remain the most targeted type of credentials for three years in a row, with 42% of data breaches in the first half of 2020, including email addresses. The investigation revealed that people continue to use work email addresses for personal purposes, including gaming sites, sports media companies, and recreational equipment distributors.
Violations exposing names increased by 12% from 28% to 40% compared to the equivalent period last year. This change, however, may be caused by a decrease in breach disclosures.
The reason is that, if the exposed data contains a person's name and at least one other type of identifying information, the breached entity may be legally required to disclose the event.
Nearly 36% of breaches exposed passwords. While the number was down by about 24% from last year, passwords remain among the most leaked types of data. Most of the passwords exposed were hashed. However, some had outdated hashing algorithms and could therefore be easily decrypted.
Another type of data that is frequently leaked is a social security number (SSN), which was revealed in 22% of breaches in the first half of this year. Unlike the number of passwords, the number of social security numbers exposed increased by 7% over last year.
However, the number of breaches in which credit card information was disclosed remained the same as last year. Exposed credit card information exceeded 90 million records and was included in 11% of breaches in the first half of 2020.
Data breaches appear to be increasing in severity, with the first six months of this year recording the largest breaches in history. More than 66% (18 billion) of the records leaked in 2020 were the consequence of just two data breaches.
Source: Atlas VPN.
