2021’s Biggest Data Breaches and What They Teach Us About Cybersecurity

Data Breach is defined as a security violation, which involve Sensitive, Unauthorised and confidential Data to be copied, Transmitted, exposed, stolen by an unauthorised individual for the purpose of personal gain or Malicious intentions. Data Brach influence a wide range of impact ranging from an Individual to the Giant corporations and Governments. With the increase in User Dependence on Internet of things and the rapid evolution of technology, it is much easier to collect, process data. However, the ineffective information security or the security mechanism to protect information is vulnerable to Data Breaches.

ISO/IEC 27040 defines a data breach as: compromise of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to protected data transmitted, stored or otherwise processed”

Data Breaches exposes millions of Personal details or billions worth of corporate details like Intellectual property details and government data. Data Breach can happen from internal or external. It directly or indirectly cost great expense for organisations dealing with high volumes of data. Much of the data breach may not have any effect or likely to be mitigated with low amount of damage. However, some data breach may cost huge burden for some Organisations. Till date yahoo data breach in 2016, was the most expensive data breach which shelled out nearly $1 Billion.

“The cost of cybercrime continues to climb; it’s expected to double from $3 trillion in 2015 to $6 trillion by the end of 2021 and grow to $10.5 trillion by 2025. The average cost of a single data breach in 2021 was $4.24 million, a 10% jump from 2019, according to Deloitte

With the increase in technology and altering user behaviour with evolving IOT, Information security has become a Substantial affairData breaches can be classified by amount of user information leaked; Value of Information leaked etc. Healthcare, energy, banking, utilities are some of the industries which are mostly affected with Data Compromises.

Top 10 Data Breaches of 2021

      1.LinkedIn 
           Around 700 million LinkedIn user data was compromised in June 2021. This was Second Data Breach in LinkedIn after 2012 where 200 
           million users’ data was leaked.
 
      2.Facebook
             In April 2021, nearly 533 million Facebook user data has been compromised containing usernames, passwords, locations etc.
 
      3.Social arks
            In January 2021, around 200 million user data has been breached from this Chinese social media agency through its unsecured 
            Elasticsearch database. The scrapped data was mostly non encrypted and not password protected.
 
      4.Bonobos
             This Men’s clothing brand suffered a data breach in January 2021 compromising 12.3 million user data. The company claims that the 
             data breach was targeted by cybercriminals through backup servers containing customers data.
 
      5.Twitch
           125GB of sensitive data with potentially 7 million user data has been leaked from this company owned by Amazon. Unlike other 
            data breaches, the data leaked from Twitch was almost the entire twitch data code. Hence it may have impacted all of its users.
 
      6.Neiman Marcus
            This US based Retailer lost nearly 4.8 million user data information. Most of the data was banking details of the users.
 
      7.Meet mindful
            The Dating app lost nearly 2.28 million user data. Most of the data posted on dark web was primarily private information of the users.
 
      8.Pixlr
             Nearly 1.9 million user database of Pixlr was breached in January 2021.
 
      9. Four Sports warehouse brands
             The most recent data breach reported in 2021. About 1.8 million user data of four sports stores namely Tackle Warehouse LLC, 
             Running Warehouse LLC, Tennis Warehouse LLC, and Skate Warehouse LLC were breached. Most of the Credit card details of customers
             were breached.
 
      10.Graff
             About 1.1 million user data of UK based Jewellery store was Breached. User data of high-end customers like Donald Trump, Saudi crown 
             prince were leaked.
Data breach involve exposing of various sets of data from personal Information like name, Social Security numbers, Address, Email/phone numbers, Financial Information, Biometrics to Corporate companies protected and confidential revenue details, sales reports, user details and Trade secrets to government data like Defence secrets, state beneficiaries’ details.

Most of the data breaches happens because of ineffective cybersecurity practices followed by the organisations dealing with data. In the past, most data breaches have been unexposed or Concealed by the Data Fiduciaries. However, with the evolving of strict data protection laws, it was made mandatory to notify any data breach and the measures taken by company to mitigate the damage.