Data breaches aren’t slowing down. If anything, they’re set to break last year’s record pace. As noted by 24/7 Wall Street, the 758 breaches reported this year mark nearly a 30 percent increase from 2016. If cybercriminals keep it up, the total number of attacks could break 1,500 by the end of 2017.

Top Five Data Breaches of the First Half of 2017

Recent research by the Ponemon Institute found that companies have a 1-in-4 chance of experiencing a data breach. Still not convinced of the risks? Here’s a look at the top five data breaches (so far) this year.

1. Edmodo

In May, education platform Edmodo was breached. The company’s vice president of marketing and communications told Motherboard that the organization had “learned about a potential security incident” and was taking the report “very seriously.” Meanwhile, a fraudster known as nclay was selling 77 million Edmodo accounts on the Dark Web for $1,000. Account samples provided by for-profit breach notification service LeakBase appeared to be legitimate Edmodo profiles. The site did note, however, that the passwords were hashed with “robust bcrypt algorithms” and properly salted, making them more difficult for cybercriminals to crack.

2. HandBrake

Between May 2 and May 6, users who downloaded popular open source Mac video transcoder HandBrake from its download.handbrake.fr mirror had a 50/50 chance of infection. Using a variant of the MacOS Proton remote access Trojan (RAT), fraudsters were able to replace the HandBrake Apple Disk Image file with a malicious version that allowed them to steal login credentials from the OS X keychain, as well as stored browser passwords.

While there’s no word on the number of users infected — likely on the low side, since the exploit was only active for five days, and HandBrake isn’t exactly ubiquitous — the attack serves as a sobering reminder that Apple devices are no longer safe havens. Cybercriminals are willing and able to crack Apple’s vaunted GateKeeper protection, but many companies still assume that iOS and OS X offerings come with inherently lower risk.

3. WannaCry

While not exactly a data breach per se, this is certainly the king of recent security incidents. WannaCry exploited Windows vulnerabilities and infected millions of users in May. The threat actors used the EternalBlue exploit, which was released by the Shadow Brokers cybercrime group, to compromise server message block (SMB) v1 tools. This allowed attackers to both encrypt files and spread the malware to new hosts. The cybercriminals demanded payment in bitcoin for the release of files, with the ransom doubling after three days and attackers threatening to delete all files after one week.

While a security researcher was able to find and activate a kill switch to slow the spread of WannaCry, fraudsters developed new variants to circulate the infection worldwide. Although Microsoft patched the SMB exploit in March 2017, some affected Windows versions were too old for automatic support, and others were simply left unpatched.

4. NotPetya

NotPetya is similar to WannaCry but worse. The attack was designed not to make money, but to destroy data. While the creators borrowed code from the year-old Petya malware, the new strain has little in common with its progenitor. Instead of using unique cryptocurrency wallets, for example, NotPetya linked to a single bitcoin wallet and used a popular hosting service for its decryption key email address, which was promptly shut down after the attack began. In a worst-case scenario, this new malware — which spread faster than WannaCry — can cause both permanent and irreversible damage to computer hard drives, even if users decide to pay up.

Listen to the podcast: A Brief Overview of the Latest Petya Variant

5. Deep Root

Using the Shodan search engine, a security researcher discovered more than 1TB of personal information of more than 198 million Americans (61 percent of the US population) on an improperly secured, publicly accessible cloud server. The data was from a marketing database at a conservative analytics firm and was comprised of not only standard demographic data, but also sentiment analysis to determine how people felt about controversial issues that could be exploited by political ad targeting. In total, the data was publicly viewable for 12 days.

While some of this type of demographic data can be found via other public sources – including what people share on social media – the fact that it was organized in a single, vulnerable location is significant. Adding insult to injury, those affected did not opt-in or give consent to be represented. As the data contained much more proprietary analytics about how people felt about political issues, it could be used for targeted phishing attacks or identity theft.

This type of incident shows the dangers and ethics of mass data collection and the necessity to properly secure this sensitive information.

Hope for the Second Half of 2017

Thankfully, it’s not all doom and gloom. The average cost per record is down more than 11 percent this year to $141, while the total cost of a data breach — $3.62 million — is also down 10 percent. Of course, paying less to clean up a cyberbreach isn’t exactly comforting. Can companies effectively defend their data from attackers in the second half of 2017?

The answer is yes — mostly. Distributed denial-of-service (DDoS) attacks can now take down websites in seconds, and the threat of physical break-ins always looms large. But the vast majority of breaches stem from two sources: accidental employee exposure and vulnerable code that hasn’t received available patches.

If you want to reduce your risk surface and frustrate attackers, teach employees not to open emails from unknown sources, report to IT immediately if they visit potentially harmful websites, and make sure operating systems and commonly used apps are regularly updated. These tactics can both thwart malicious actors and help keep organizations safe from cyberthreats in the second half of 2017.

More from Data Protection

Why safeguarding sensitive data is so crucial

4 min read - A data breach at virtual medical provider Confidant Health lays bare the vast difference between personally identifiable information (PII) on the one hand and sensitive data on the other.The story began when security researcher Jeremiah Fowler discovered an unsecured database containing 5.3 terabytes of exposed data linked to Confidant Health. The company provides addiction recovery help and mental health treatment in Connecticut, Florida, Texas and other states.The breach, first reported by WIRED, involved PII, such as patient names and addresses,…

Addressing growing concerns about cybersecurity in manufacturing

4 min read - Manufacturing has become increasingly reliant on modern technology, including industrial control systems (ICS), Internet of Things (IoT) devices and operational technology (OT). While these innovations boost productivity and streamline operations, they’ve vastly expanded the cyberattack surface.According to the 2024 IBM Cost of a Data Breach report, the average total cost of a data breach in the industrial sector was $5.56 million. This reflects an 18% increase for the sector compared to 2023.Apparently, the data being stored in industrial control systems is…

3 proven use cases for AI in preventative cybersecurity

3 min read - IBM’s Cost of a Data Breach Report 2024 highlights a ground-breaking finding: The application of AI-powered automation in prevention has saved organizations an average of $2.2 million.Enterprises have been using AI for years in detection, investigation and response. However, as attack surfaces expand, security leaders must adopt a more proactive stance.Here are three ways how AI is helping to make that possible:1. Attack surface management: Proactive defense with AIIncreased complexity and interconnectedness are a growing headache for security teams, and…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today