Data breaches on the rise
Data breaches rose 70% in Q3 2022 compared to the previous quarter. A total of 108.9 million accounts were breached.
Many countries were affected, but the most affected were Russia, France, Indonesia, the United States, and Spain. Russia had the most breaches overall (22.3 million), but France had the highest breach density, averaging 212 leaked accounts per 1000 people. That's a lot.
This information comes from a new study by cybersecurity company Surfshark.
“It’s concerning to see data breaches rising again after a comparatively timid first half of the year, putting a massive 108.9M internet users at risk,” said Agneska Sablovskaja, lead researcher at Surfshark.
“Global user breaches are 70% higher this quarter than the last. Every second in the past three months, 14 accounts were leaked – all of them coming from different countries.”
The war in Ukraine certainly has something to do with the increase in data breaches. But companies should put in place safety measures to avoid data breaches.
From a regulatory standpoint, in Indonesia, the breached user count has grown by a striking 1370% in the last quarter, which, alongside previous incidents, has pushed the parliament to ratify the Personal Data Protection Act. For more data about the most impactful data breaches in Q3 2022, the Surfshark report is available at this link.
How can we prevent a data breach?
Although there is no absolute security, you can still do something to protect your information. In the event of a data breach, the regulatory authority will verify if you have done what was possible to protect the data. On that basis, they will decide the next steps based on privacy laws. If you have done everything possible and acted in accordance with the law, they will take that into consideration.
Six ways to protect yourself from data breaches include:
1. Restrict access to your most valued data. – Ensure only authorized personnel have access to your data, and only to the data required for their business processes.
2. Third-party vendors must comply. – Many companies have third-party providers who have to sign confidentiality and privacy contracts, but do you really audit them? How do you enforce your rules and regulations? Be sure to find a way to ensure the compliance of your suppliers.
3. Provide security awareness training to employees. – It is well known that education is the strongest line of defense. People should be able to identify and respond to cyber threats. Believe it or not, employees are known to leave these courses, return to their desks and open suspicious emails without even thinking twice. Marketing studies show that most people need to hear the same message at least seven times before it starts to change their behaviors.
4. Update the software at regular intervals. – Experts recommend keeping all application software and operating systems up to date on an ongoing basis. Install patches whenever available. Your network is vulnerable when systems and software are not updated regularly.
5. Develop a cybersecurity incident response plan. – Creating a plan in case of a data breach is a must. You should know what to do if there is a data breach. How to limit exposure? Should you get in touch with the authorities? Should you contact the people involved? Who is responsible for each step? Developing a comprehensive breach preparedness plan enables both the employees and the employer to understand the potential damages that could occur.
6. Hard to break passwords. – Your systems and employees should use strong passwords that are long. The length and complexity of a password are in many cases better protection than weak passwords which are changed from time to time. Please ensure your password policy is strong and enforced.
Additional security measures will also help protect your data. Therefore, be sure to do a thorough risk assessment to understand your risks and the controls you must implement to reduce those risks.