Last October, we wrote 13 Scary Stats for Cybersecurity Awareness Month. https://www.idrnd.ai/13-scary-stats-for-cybersecurity-awareness-month/ With an increase in digital transactions and rising fraud related to the COVID pandemic, we wanted to compile and share some updated statistics.
The Latest Cybersecurity Stats
- The odds are good that your personal information has been compromised. According to Security Boulevard, 2020 is on track to hit a new data breach record with 16 billion records already exposed in the first half of the year. If the idea of your information making the rounds on the Dark Web isn’t frightening enough, Experian found that that 31% of data breach victims later have their identity stolen.
- Fraud is skyrocketing. In 2019, the Federal Trade Commission processed 2 million fraud reports compared to 1.4 million in 2018. 2020 is on track to continue this upward trend. Hackers are taking advantage of the global crisis to commit crimes including phishing attacks, payment fraud, and account takeovers.
- According to Experian’s 2020 Global Identity and Fraud Report, 57% of businesses reported higher losses associated with account opening and account takeover fraud in 2019, compared to 55% in 2018 and 51% in 2017.
- The 2020 Psychology of Passwords report by LastPass found that despite awareness of rising cyber threats, password behavior has mostly remained unchanged. 91% of people know that using the same password on multiple accounts is a security risk, yet 66% continue to do it anyway.
- The same LastPass study found that the #1 reason people reuse passwords is fear of forgetting them.
- Speaking of bad password hygiene, here is a recent look at the 20 most hacked passwords in the world. Is your password on the list?
- An IBM survey on working from home discovered that 50% of respondents didn’t know of any new company policies related to customer data handling or password management. 45% of respondents said their employer has not provided special training on protecting the security of devices while working from home.
- According to the new 2020 Cost of Data Breach Report by Ponemon Institute and IBM, stolen or compromised credentials were the cause of 19% of malicious data breaches.
- The same Ponemon and IBM report found that 80% of breached organizations said customer PII was compromised during the breach.
- The 2020 Verizon Data Breach Investigations Report, found that 86% of breaches were financially motivated.
- Verizon also found that 45% of breaches featured hacking. Credential theft, social attacks such as phishing and business email compromise, and errors caused the majority of breaches.
- A 2020 Javelin study reports that person-to-person (P2P, or peer-to-peer) fraud in the United States has increased 733% since 2016. P2P payments offer the ability for people to transfer money to one another for everything from rent to splitting a tab – think Zelle, Venmo, PayPal, Square Cash, or Google Wallet.
- Mobile banking fraud involving SIM swaps continues to increase. This tactic is a type of account takeover that enables criminals to target weakness in two-factor authentication to access bank accounts and more. This Princeton University study involved 50 attempts across five North American prepaid telecom carriers to port a stolen number. It found that all carriers used “insecure authentication challenges that could be easily subverted by attackers.” Learn the benefits of biometrics for two-factor authentication.
We encourage you to take action to keep yourself, your customers and your business safe. Resources include:
- Get information on keeping your business secure at https://staysafeonline.org/
- In the US, consumers can report fraud including Coronavirus scams at https://reportfraud.ftc.gov/#/
- In the UK, businesses can report cyberattacks at https://www.actionfraud.police.uk/
- Report cybercrime in Europe at https://www.europol.europa.eu/report-a-crime/report-cybercrime-online
Reach out ID R&D about ways to strengthen your authentication and identity proofing practices.