Both the number of data breaches and the number of individuals affected by data breaches plummeted in 2020, as attackers moved away from collecting mass amounts of information and instead targeted user credentials as a way to infiltrate corporate networks to install ransomware.
That's according to a new report, out Jan. 28 from the Identity Theft Resource Center, which estimates that more than 300 million individuals were affected by data breaches in 2020, a large number but a drop of 66% over the previous year. In addition, the number of reported data breaches fell to 1,108, a decline of 19% over 2019.
Because more than half of workers shifted to remote work during the year, many expected data breaches to increase, but instead cybercriminals became more focused, says James Lee, chief operating officer of the ITRC.
"What has happened is that threat actors are not as interested in mass data collection," he says. "The data breaches that do occur are not about 'hoovering' up everything in sight, as they were five and ten years ago. Now they are very targeted and very strategic."
The top findings of the breach report reflect two major economic trends. As companies shifted to a remote workforce due to the pandemic, more than half of workers moved to working from home. The shift made credentials an even more valuable commodity for hackers, as valid credentials could be used to infiltrate a business.
And what to do with credentials? Cybercriminals continued to double down on ransomware, ..
Support the originator by clicking the read the rest link below.
