Identity Breach Report Finds New COVID-19 Cyber Vulnerabilities

Report examines new trends in the deep and dark web, how threat actors are exploiting the global COVID-19 crisis, and risks to individuals, executives, and brands.

July 30, 2021

3 Min Read


PR Newswire -- July 30, 2021

LOS ALTOS, Calif., July 30, 2021 /PRNewswire/ -- Today, Constella Intelligence
("Constella"), a leader in Digital Risk Protection and Identity Threat
Intelligence, released their 2021 Identity Breach Report, PII Fuelling the
Threat Economy: How Crisis Creates Targeted Vulnerabilities for Individuals,
Executives, and Brands. The report evaluates data collected from Constella's
extensive database of over 45 billion archived identity records from data
breaches and leakages found on the surface, deep, and dark web in addition to
trends identified in deep and dark marketplaces over the past year.

Report: New COVID Cyber Vulnerabilities, Exposures for Energy & Telecom
Sectors/Executives, and Dark Market COVID Items

The report found that the COVID-19 pandemic engendered new vulnerabilities in
the digital ecosystem for threat actors to exploit, resulting in items like
vaccines, fraudulent vaccine certificates, and other COVID-19 related items
being sold in dark marketplaces and underground forums. Constella's research
analyzed the value of personally identifiable information (PII), drawing links
between the breach economy, PII, and a range of emerging digital threats to
executives and brands. Notably, Constella, observed an exorbitant spike in the
price of sensitive personal records sold in the deep and dark web, with the
price of driver's licenses, passports, and ID cards increasing significantly
from the previous year analyzed - plausibly due to an increased demand for
personal records during the pandemic. Constella's 2021 Identity Breach Report
also includes a deep dive into the top companies in the Energy and
Telecommunications sectors that appeared in the Fortune Global 500 list,
demonstrating increasing exposure and vulnerability of companies in the sector,
employees, and executives over the past year.

"The COVID-19 pandemic has shown us the fragility of our online infrastructure,"
said Constella Intelligence CEO, Kailash Ambwani. "As people continue to rely on
digital solutions and working from home, both companies and individuals must
take new precautions to protect themselves from potential threat actors."

Key Findings From 2020 Include:

-- Nearly 60% of the data breaches analyzed exposed some form of PII and
72% of these breaches included passwords.
-- Over 40% of executives from a sample of Fortune 500 companies in Energy
and Telecommunications sectors were exposed in a breach over the last 5
-- Fortune 500 companies in Energy and Telecommunications have had their
corporate domains exposed in approximately 11k breaches/leakages since
2016, and over 40% of these exposures occurred since 2020, indicating
worsening security of corporate credentials.
-- Out of a sample of 55 Fortune 500 Energy executives, nearly 1/4 have had
their passwords exposed.
-- Constella observed the sale of vaccine doses--such as AstraZeneca,
Pfizer, Moderna, and Sputnik--in multiple dark marketplaces ranging from
as little as $8 to as much as nearly $850.
-- Crypto-Currency, News, and Healthcare industries saw 120%, 110%, and 51%
increases (respectively) in breaches and leakages compared to 2019.
-- Compared to the findings in Constella's 2020 Identity Breach Report, the
price of personal records transacted in dark marketplaces increased
significantly, including passports (+1,185%), and driver's licenses
(+328%), ID cards (+642%), possibly due to increased demand for false
identification records during the pandemic.
"Threat actors continue to find new ways to target individual and company data
due to new vulnerabilities created in times of uncertainty and crisis. PII
continues to fuel malign activities in the digital ecosystem," said Alex Romero,
COO of Constella Intelligence. "Executives are specifically being targeted for
their high-level access within organizations."

Constella monitors the surface, social, deep, and dark web for identity related
breaches and verifies the authenticity of those data sets. Click here to
download the report.

About Constella Intelligence

Constella Intelligence is a global leader in Digital Risk Protection that works
in partnership with some of the world´s largest organizations to safeguard what
matters most and defeat digital risk. Our solutions are a unique combination of
proprietary data, technology, and human expertise to anticipate, identify, and
remediate targeted threats to your executives, your brand, and your assets at
scale--powered by the most extensive breach and social data collection from the
surface, deep and dark web on the planet, with over 100B attributes and 45
billion curated identity records spanning 125 countries and 53 languages.

View original

SOURCE Constella Intelligence

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights