Data breaches aren’t slowing down. If anything, they’re set to break last year’s record pace. As noted by 24/7 Wall Street, the 758 breaches reported this year mark nearly a 30 percent increase from 2016. If cybercriminals keep it up, the total number of attacks could break 1,500 by the end of 2017.

Top Five Data Breaches of the First Half of 2017

Recent research by the Ponemon Institute found that companies have a 1-in-4 chance of experiencing a data breach. Still not convinced of the risks? Here’s a look at the top five data breaches (so far) this year.

1. Edmodo

In May, education platform Edmodo was breached. The company’s vice president of marketing and communications told Motherboard that the organization had “learned about a potential security incident” and was taking the report “very seriously.” Meanwhile, a fraudster known as nclay was selling 77 million Edmodo accounts on the Dark Web for $1,000. Account samples provided by for-profit breach notification service LeakBase appeared to be legitimate Edmodo profiles. The site did note, however, that the passwords were hashed with “robust bcrypt algorithms” and properly salted, making them more difficult for cybercriminals to crack.

2. HandBrake

Between May 2 and May 6, users who downloaded popular open source Mac video transcoder HandBrake from its download.handbrake.fr mirror had a 50/50 chance of infection. Using a variant of the MacOS Proton remote access Trojan (RAT), fraudsters were able to replace the HandBrake Apple Disk Image file with a malicious version that allowed them to steal login credentials from the OS X keychain, as well as stored browser passwords.

While there’s no word on the number of users infected — likely on the low side, since the exploit was only active for five days, and HandBrake isn’t exactly ubiquitous — the attack serves as a sobering reminder that Apple devices are no longer safe havens. Cybercriminals are willing and able to crack Apple’s vaunted GateKeeper protection, but many companies still assume that iOS and OS X offerings come with inherently lower risk.

3. WannaCry

While not exactly a data breach per se, this is certainly the king of recent security incidents. WannaCry exploited Windows vulnerabilities and infected millions of users in May. The threat actors used the EternalBlue exploit, which was released by the Shadow Brokers cybercrime group, to compromise server message block (SMB) v1 tools. This allowed attackers to both encrypt files and spread the malware to new hosts. The cybercriminals demanded payment in bitcoin for the release of files, with the ransom doubling after three days and attackers threatening to delete all files after one week.

While a security researcher was able to find and activate a kill switch to slow the spread of WannaCry, fraudsters developed new variants to circulate the infection worldwide. Although Microsoft patched the SMB exploit in March 2017, some affected Windows versions were too old for automatic support, and others were simply left unpatched.

4. NotPetya

NotPetya is similar to WannaCry but worse. The attack was designed not to make money, but to destroy data. While the creators borrowed code from the year-old Petya malware, the new strain has little in common with its progenitor. Instead of using unique cryptocurrency wallets, for example, NotPetya linked to a single bitcoin wallet and used a popular hosting service for its decryption key email address, which was promptly shut down after the attack began. In a worst-case scenario, this new malware — which spread faster than WannaCry — can cause both permanent and irreversible damage to computer hard drives, even if users decide to pay up.

Listen to the podcast: A Brief Overview of the Latest Petya Variant

5. Deep Root

Using the Shodan search engine, a security researcher discovered more than 1TB of personal information of more than 198 million Americans (61 percent of the US population) on an improperly secured, publicly accessible cloud server. The data was from a marketing database at a conservative analytics firm and was comprised of not only standard demographic data, but also sentiment analysis to determine how people felt about controversial issues that could be exploited by political ad targeting. In total, the data was publicly viewable for 12 days.

While some of this type of demographic data can be found via other public sources – including what people share on social media – the fact that it was organized in a single, vulnerable location is significant. Adding insult to injury, those affected did not opt-in or give consent to be represented. As the data contained much more proprietary analytics about how people felt about political issues, it could be used for targeted phishing attacks or identity theft.

This type of incident shows the dangers and ethics of mass data collection and the necessity to properly secure this sensitive information.

Hope for the Second Half of 2017

Thankfully, it’s not all doom and gloom. The average cost per record is down more than 11 percent this year to $141, while the total cost of a data breach — $3.62 million — is also down 10 percent. Of course, paying less to clean up a cyberbreach isn’t exactly comforting. Can companies effectively defend their data from attackers in the second half of 2017?

The answer is yes — mostly. Distributed denial-of-service (DDoS) attacks can now take down websites in seconds, and the threat of physical break-ins always looms large. But the vast majority of breaches stem from two sources: accidental employee exposure and vulnerable code that hasn’t received available patches.

If you want to reduce your risk surface and frustrate attackers, teach employees not to open emails from unknown sources, report to IT immediately if they visit potentially harmful websites, and make sure operating systems and commonly used apps are regularly updated. These tactics can both thwart malicious actors and help keep organizations safe from cyberthreats in the second half of 2017.

More from Data Protection

How to craft a comprehensive data cleanliness policy

3 min read - Practicing good data hygiene is critical for today’s businesses. With everything from operational efficiency to cybersecurity readiness relying on the integrity of stored data, having confidence in your organization’s data cleanliness policy is essential.But what does this involve, and how can you ensure your data cleanliness policy checks the right boxes? Luckily, there are practical steps you can follow to ensure data accuracy while mitigating the security and compliance risks that come with poor data hygiene.Understanding the 6 dimensions of…

Third-party access: The overlooked risk to your data protection plan

3 min read - A recent IBM Cost of a Data Breach report reveals a startling statistic: Only 42% of companies discover breaches through their own security teams. This highlights a significant blind spot, especially when it comes to external partners and vendors. The financial stakes are steep. On average, a data breach affecting multiple environments costs a whopping $4.88 million. A major breach at a telecommunications provider in January 2023 served as a stark reminder of the risks associated with third-party relationships. In…

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today