Attacks/Breaches

1/31/2017
11:00 AM
50%
50%

Over 4.2 Billion Records Exposed In 4,149 Breaches In 2016

Survey says US and UK witnessed more than half of 2016 global breaches; 52% of attacks compromised Social Security Numbers.

A survey by Risk Based Security reveals that 2016 saw a significant rise in worldwide breaches and data theft with incidents in US (1,971) and UK (204) accounting for more than half of them, NBC News reports. Most alarming, says another study, is the increase in theft of Social Security Numbers (SSN) because 52% of all 2016 breaches involved SSNs – up from 44% in 2015 – carried out through spear-phishing.

Last year, over 4.2 billion records were exposed in 4,149 cyber incidents which is around 3.2 billion more records from the previous high of 2013, with Yahoo breaches contributing majorly to the increase. While businesses were prime targets, accounting for 55% of all attacks, severity of breach had increased, too, with an average severity score of 9.96 out of 10 reported among the 10 biggest breaches of 2016.

Hackers appear to be getting better with sophisticated methods of attacks and more precision, says an Online Trust Alliance report.

“They're targeting specific companies and industry sectors and not just for consumer data, but for business data, data regarding acquisition and mergers, data that may also harm a company's reputation," it adds.

Read full report on NBC News.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
'PowerSnitch' Hacks Androids via Power Banks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/8/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: When Harry Met Sally
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20127
PUBLISHED: 2018-12-13
An issue was discovered in zzzphp cms 1.5.8. del_file in /admin/save.php allows remote attackers to delete arbitrary files via a mixed-case extension and an extra '.' character, because (for example) "php" is blocked but path=F:/1.phP. succeeds.
CVE-2018-20128
PUBLISHED: 2018-12-13
An issue was discovered in UsualToolCMS v8.0. cmsadmin\a_sqlback.php allows remote attackers to delete arbitrary files via a backname[] directory-traversal pathname followed by a crafted substring.
CVE-2018-20129
PUBLISHED: 2018-12-13
An issue was discovered in DedeCMS V5.7 SP2. uploads/include/dialog/select_images_post.php allows remote attackers to upload and execute arbitrary PHP code via a double extension and a modified ".php" substring, in conjunction with the image/jpeg content type, as demonstrated by the filena...
CVE-2018-6706
PUBLISHED: 2018-12-12
Insecure handling of temporary files in non-Windows McAfee Agent 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows an Unprivileged User to introduce custom paths during agent installation in Linux via unspecified vectors.
CVE-2018-6705
PUBLISHED: 2018-12-12
Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions.