
  • The Identity Theft Resource Center (ITRC) unveiled its 15th annual data breach report, which revealed a 19 percent decrease in breaches and a 66 percent decrease in individuals impacted. 
  • The ITRC 2020 Data Breach Report identifies a trend that cybercriminals are less interested in stealing large amounts of consumers’ personal information. 
  • Threat actors are now more interested in taking advantage of bad consumer behaviors to attack businesses using stolen credentials like logins and passwords.  
  • The report also states an increase in ransomware attacks, supply chain attacks and unsecured databases. 
  • For more information on the latest data breach information, visit the ITRC’s interactive data breach tracking tool, notified. It is updated daily and free to consumers.   
  • Consumers and victims can receive free support and guidance from a knowledgeable live-advisor by calling 888.400.5530 or visiting idtheftcenter.org to live-chat. 

Each January, the Identity Theft Resource Center (ITRC) releases its annual data breach report, breaking down the numbers, trends, attack methods and much more. For the last 15 years, the ITRC has tracked publicly-reported data breaches in an effort to make businesses and consumers aware of the latest information. While parts of the ITRC’s 2020 Data Breach Report reveal encouraging statistics, some worrisome trends also exist. 

The Number of Data Breaches and People Impacted Decrease 

After a 17 percent increase in data breaches in 2019 (1,473), the number decreased by 19 percent in 2020 (1,108). Even better, the number of individuals impacted dropped by 66 percent. In years past, the ITRC saw data breaches on the rise. However, there is a reason for the decline in breaches and consumers impacted.  

A Shift in the Cybercriminals’ Tactics 

The ITRC 2020 Data Breach Report shows the continuation of one trend from 2019. Cybercriminals are less interested in stealing large amounts of consumers’ personal information. Instead, threat actors are more interested in taking advantage of bad consumer behaviors to attack businesses using stolen credentials like logins and passwords. It is why ransomware and phishing attacks directed at organizations are now the preferred data theft method by cyberthieves.   

The shift comes as no surprise to the ITRC. One ransomware attack can generate as much revenue in minutes as hundreds of individual identity theft attempts over months or years. Coveware reports that the average ransomware payout has grown from less than $10,000 per event in Q3 2018 to more than $233,000 per occurrence in Q4 2020.    

Other Notable Findings 

There were other notable findings in the report: 

  • Supply chain attacks are becoming increasingly popular with attackers since they can access the information of larger organizations or multiple organizations through a single, third-party vendor. Often, the attacked organization is smaller, with fewer security measures than the companies they serve.   
  • Unemployment benefits fraud hit consumers hard in 2020 and could continue well into 2021. Organized cybercriminals used stolen credentials and other identifying information to apply for unemployment benefits through state websites. In fact, Washington and Maryland each reported more than $500 million in fraudulent benefit claims and California more than $11 billion in 2020. The U.S. Department of Labor estimated the total identity-related fraud at more than $26 billion in all 50 states and the District of Columbia during that same timeframe. The unemployment benefits fraud attacks are another example of it being easier and more profitable to commit a cybercrime using stolen, legitimate credentials than hacking into a company’s computer network.  
  • Case studies on Blackbaud and Vertafore break down what happened in each data compromise and how it happened. For more information on these case studies, download the ITRC 2020 Data Breach Report.

Staying One Step Ahead of the Cybercriminals 

While it is encouraging to see the number of data breaches and the number of people impacted by them decline, businesses and consumers should understand that this problem is not going away. Cybercriminals are just shifting their tactics to find a new way to attack businesses and consumers. People need to adapt their practices to stay one step ahead of the threat actors.  

What You Can Do 

Ransomware attacks, stolen credentials and unsecured databases affect consumers and businesses in many different ways. Here is what businesses and consumers can do to protect themselves from each threat: 

  • Ransomware attacks – While ransomware attacks do not typically affect consumers, businesses should 1) frequently back up their systems, 2) patch any software flaws as soon as they are noticed, and 3) refuse to pay any ransomware demands.  
  • Stolen credentials – To protect themselves, consumers should 1) not reuse any passwords, 2) switch to a 12-character unique passphrase, 3) use a password manager if needed, 4) use multi-factor authentication when possible, and 5) consider creating online accounts so cybercriminals cannot open one in your name. 
  • Unsecured databases – It is a misconception that cloud service providers are responsible for cybersecurity. To prevent leaving a database unsecured, businesses should 1) properly configure cybersecurity tools for cloud environments and 2) apply the same level of effort to protecting cloud environments as an on-premise system and data assets. 

To download the ITRC 2020 Data Breach Report, click here. 

To learn more about the latest data breaches, visit the ITRC’s interactive data breach tracking tool, notified. It is updated daily and free to consumers.   

For anyone that has been a victim of a data breach, the ITRC recommends downloading its free ID Theft Help app to manage the various aspects of an individual’s data breach case.  

Consumers and victims can receive free support and guidance from a knowledgeable live-advisor by calling 888.400.5530 or visiting idtheftcenter.org to live-chat.  

  • A T-Mobile repeat data breach event resulted from unauthorized access to 200,000 customer accounts, including call records.
  • It is the fourth time T-Mobile has sent a data breach notification since 2018. The T-Mobile data breach in December was the second one in 2020.
  • An investigation into the SolarWinds data hack has not revealed any evidence suggesting the attackers sought or stole mass amounts of personal information. The target appears to be either intellectual property or the personal information of particular individuals for espionage purposes.
  • For information about recent data breaches, consumers and businesses should visit the Identity Theft Resource Center’s (ITRC) new data breach tracking tool, notified™.
  • Keep an eye out for the ITRC’s 15th Annual Data Breach Report. The 2020 Data Breach Report will be released on January 27, 2021. 
  • For more information, or if someone believes they are the victim of identity theft, consumers can contact the Identity Theft Resource Center toll-free at 888.400.5530 or via live-chat on the company website. 

Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for January 8, 2021. Each week, we look at the most recent and interesting events and trends related to data security and privacy. We started this podcast and a sister monthly program in 2020 in response to the shifts in privacy, security and identity issues: the changes in how criminals collect and use consumer and, increasingly, business information.

One of the trends that the ITRC has identified, and will explore in a report this spring, is the rise in the number of repeat data breaches, even as the overall number of data events is declining. That leads us to the title of this week’s episode – “Second Verse, Same as the First.”

While most of us were prepping for a socially distanced Christmas celebration, one of the largest mobile telephone companies posted a data breach notice on its website. It was not the first time T-Mobile issued a breach notice; it was the fourth time since 2018.

T-Mobile Repeat Data Breach Event

T-Mobile announced that an unauthorized party accessed a small percent of customer accounts, about 200,000 accounts, in early December 2020. The compromised data may have included call records — such as when a call was made, how long the call lasted, the phone numbers called and other information that might be found on a customer’s bill.

T-Mobile says the hackers did not access names, home or email addresses, financial data and account passwords or PINs. An investigation is ongoing.

The December data event is the second time an attacker accessed customer information in the same year. Just months into 2020, a breach of the T-Mobile employee email system allowed criminals to see customer data and potentially misuse it. Information about more than one million prepaid customers was exposed in 2019, and cybercriminals compromised nearly two million accounts in 2018.

A Shift in Data Thieves’ Tactics

Research conducted by the ITRC shows the number of consumers who report being the victim of more than one identity crime has increased 33 percent in the past 18 months. It comes at a time when data thieves are shifting their tactics and targets. Our research shows they are focusing more on business data and less on mass amounts of consumer personal data.

While data breaches are dropping, cyberattacks are rising. The two are not the same. That’s an important distinction as a large and consequential cybersecurity breach occurred in late December 2020 and is likely still underway.

SolarWinds Data Hack Update

We talked about the attack in our last podcast before the holiday break, but the scope of this attack warrants an update.

Here’s what happened: A group of professional cybercriminals affiliated with the Russian government’s intelligence service was able to insert software into a common technology service used by governments and private companies, known as SolarWinds. An estimated 18,000 organizations have been exposed to the malware, including some of the largest agencies in the U.S. government – the Departments of Commerce, Treasury, Justice, State and most of the Fortune 500.

The good news for consumers is at this point, after nearly a month of investigation, there is no indication the attackers sought or stole mass amounts of personal information. As is common with this particular group of threat actors, the target appears to be intellectual property or the personal information of specific individuals for espionage purposes – not profit.

We will release a detailed report on the impact of identity-related crimes in May. We will issue our report on 2020 data breaches and trends on January 27, just a few weeks from now.

Contact the ITRC

If you have questions about how to protect your information from data breaches and data exposures, visit www.idtheftcenter.org, where you will find helpful tips on this and many other topics.

If you think you have already been the victim of an identity crime or a data breach and you need help figuring out what to do next, contact us. You can speak with an expert advisor on the phone (888.400.5530), chat live on the web or exchange emails during regular business hours. Just visit www.idtheftcenter.org to get started.

Next week listen to our sister podcast, The Fraudian Slip, which focuses on identity-related fraud when we talk with the Deputy Chief of the Internal Revenue Service’s Criminal Division about identity crimes and how they might impact your taxes.

In 2019, the Identity Theft Resource Center (ITRC) saw a 17 percent increase in data breaches compared to 2018. Credential stuffing attacks exploded in 2019, as did breaches of third-party contractors. 2020 has been a different story.

While scams are up due to COVID-19, publicly-reported data breaches are down in the U.S. Despite millions of Americans shifting to working from home – where cybersecurity and data protections may not be as strong as their regular workspace, the number of data breaches has dropped by one-third (nearly 33 percent) in the first six months of 2020 compared to 2019. The data compromise decrease statistics do not stop there. More significantly, the number of individuals impacted by breaches dropped by 66 percent over the same time period one year ago.

Year-over-year January – June 2020 data breach trends provided by ITRC

The 2020 data breach statistics are good news for consumers and businesses overall. However, the emotional and financial impacts on individuals and organizations are still significant. In fact, the impact on individuals might be even more catastrophic as criminals use stolen personally identifiable information (PII) to misappropriate government benefits intended to ease the impact of the COVID-19 pandemic.

External threat actors continue to account for most successful data compromises (404), compared to internal threats from employees (83) and third-party contractors (53). Internal threat data compromises are the lowest they have been since 2018.

In comparison, January 1, 2019 to June 30, 2019 saw 588 breaches caused by an external threat actor, 126 breaches caused by an internal threat actor and 89 involving a third party. The data compromise decrease can be attributed, in part, to more people working from home.

Due to the increase in remote work, employees have less access to the data and systems necessary to easily steal PII. However, businesses and employees are also hyper-focused on preventing identity theft.

Unless there is a significant uptick in data compromises reported, 2020 is on pace to see the lowest number of data breaches and data exposures since 2015.

Year-over-year data breach trends 2020 provided by ITRC

With that said, there is reason to believe the lower number of breaches is only temporary. Cybercriminals have been using the billions of data points stolen in data breaches during the last five years to execute different types of scams and attacks, which include phishing, credential stuffing and other exploits that require PII. With so much data being consumed and so much focus on improved cyber-hygiene, both at work and at home, the available pool of useful data is being reduced.

At some point, cybercriminals will have to update their data, which should lead to a return of the normal threat pattern. While there are signs of increased cyberattacks that – if successful – could lead to PII being compromised, it is too early to tell when the uptick may occur. Even then, it is more likely to be a “dimmer switch” approach rather than just flipping on a light switch, meaning it will not happen all at once.

The ITRC will continue to monitor all of the publicly-reported data breaches daily and analyze them to keep businesses and consumers educated on what the cybercriminals are doing.

If someone believes they have had their information exposed as part of a data compromise, or is a victim of identity theft due to a data breach, they can live-chat with an ITRC expert advisor. They can also call toll-free at 888.400.5530. Advisors can help victims create action plans that are tailored to them.

Victims can also download the free ID Theft Help App. The app lets them track their case in a case log, access resources and tips to help them protect their identity and more.

For more information on the ITRC’s data breach tracking and trend analysis, or if your organization would like to subscribe to our monthly data breach product, please email notifiedbyITRC@idtheftcenter.org.

Many professionals view air-travel days as an opportunity to get some extra work done, pay bills online, or distract themselves during their commute by surfing the internet. The convenience and ease of use of modern laptops and iPads have made it easy to stay connected en route. As a result, public Wi-Fi is now commonplace in most major airports and is becoming more common on the airplanes themselves. As with most technological conveniences these days, in addition to the obvious advantages, wifi in airports poses additional risk to consumers who may not be aware that they’re in potentially dangerous ‘hot zones’ for identity theft.

Public wifi is a beacon for those who would seek to harvest your personal information through your internet connection. Free wireless networks are usually not password protected, or have a password that’s publicly available. This means that every time you sign on to a public wifi connection, you’re essentially sharing a connection with any and all strangers in the area. In an airport especially, even more so than in a coffee shop or other place usually associated with public wifi, the number of strangers in your immediate vicinity is usually much higher. Any and all of them have the potential to access the same network connection you’re using. All it takes is one malicious user on your network to cause you a lot of trouble.

Anytime you access public connections to the internet, your computer is more exposed to the threats of malware or viruses which may be present on another’s laptop, not to mention the threat of a nefarious fellow traveler snooping through your shared files, shoulder surfing to watch you input your passwords, or otherwise monitoring your internet activity. Most people don’t realize that when sharing a network internet connection with someone, there is no additional firewall or security in place to protect the information stored on your computer. This quite naturally makes places like airports and other areas that offer free public wifi very attractive to would-be identity thieves.

If you can avoid using public wifi altogether, do so. If you just can’t resist checking the scores or the weather while waiting to board your flight or arrive at your intended destination, try to avoid potentially dangerous activities like online banking, filing tax returns, or checking any email accounts that might have valuable information stored in them, as this information could be harvested from your machine and used against you. If you know you will be traveling often and find yourself using public wifi regularly, you may want to look into getting a personal VPN. A personal Virtual Private Network will help protect you against the dangers of public wifi.

If using public wifi unprotected, be wary of any wireless network that shows up with a stronger signal than the network offered by the known provider (in other words, if you’re in the American Airlines terminal, you shouldn’t choose that random linksys server over the one labeled “Americanterminal1access” for example). Often potential hackers will generate their own network signal to have others “hook up” to them, exposing all their information. Other network users will see the stronger signal and connect to it unwittingly, without realizing that they’ve just voluntarily offered up anything that isn’t independently password protected for viewing by the thief.

When using your home wireless connection, ensure that it’s always password protected. Remember, you never know who else may be online.