You’ve all heard about Edward Snowden and PRISM lately. And you’ve probably heard several stories about data breaches this year. And I guess you’ve noticed that media has been telling such stories more often than ever the last year. To give you an idea of what’s been going on the last ten years, you should have a look at a cool infographic I accidentally found in a blog post the other day. It shows the dark side of the Internet.
Cool infographic – terrifying information
Below is an amazing visualization showing what’s been going on behind the scenes since 2004. It’s interesting, useful and shocking to most people who don’t work with cyber security on a daily basis. The infographic is a really nice piece of work by the team at Information is Beautiful, it’s interactive for you to dig deeper, and I encourage you to check it out and read about the different breaches.
It shows selected corporate, government and academic data breaches that involves more than 30,000 records, which leaves out a big bunch of smaller breaches. The data is broken down by the method used to steal the records: Accidentally published, hacked, inside job (like Snowden), lost or stolen media, poor security or virus – or unknown. You can view the bubble size by number of records stolen or data sensitivity.
Trends: Gaming sites and organizations have suffered the most. Financial institutions and universities seem to have become more secure lately, or maybe less attractive targets. More worrying is that health care seems to be a leaky sector accounting for over 50 % of breaches stemming from lost or stolen computers. You were at biggest risk last year if you use popular web services with 50 million Living Social and Evernote records stolen, 22 million Yahoo! Japan records, 6 million Facebook records, and “only” 250.000 Twitter records compromised. For organizations the ugly trend is the same with million of records stolen. The worst year as a total was in 2009 when Heartland Payment credit card alone lost 130 million transaction records.
Click on the bubbles to get more information on individual incidents. Cool infographic, terrifying information.
The tip of the iceberg
There have been a lot of breaches before 2004 that’s not part of this infographic. And I guess the infographic shows the most high-profiled attacks, and a lot of breaches are never reported to the public. Then there are a lot of breaches involving less than 30.000 stolen records. So you’re only seeing the tip of the iceberg in this infographic.
By the way, what was the worst data breach incidents of 2012? CSO presented a slide deck showing the worst breaches by July last year. I wrote a blog post about it back then, and you’ll find it here. If you want to read some of my blog posts about IT security, click here for an overview (English and Norwegian posts).
The interesting question now is what it will look like in ten years. I don’t know, but I think it will be beyond our imagination today – because we don’t know how big the iceberg is below the tip. And the iceberg will grow in a faster pace in the coming years attracting professional criminals from all over the world since cyber crime has become bigger than global drugs trade.
Do you want to know more?
If you want to know more about data breaches after having read the infographic, there are a lot of web sites you can visit. One of them is DataLossDB, which is a research project aimed at documenting known and reported data loss incidents worldwide. The infographic itself is based on information from Databreaches.net and Identity Theft Resource Center. And big security companies publish their own reports, like The 2013 Data Breach Investigations Report from Verizon. Lastly, STOP.THINK.CONNECT. is a global cyber security awareness campaign to help all digital citizens stay safer and more secure online. In addition, many countries have their own national resources as well.
Lastly, here is the ad: If you would like to encrypt Dropbox (and soon other services), you can have a look at Ensafer that is a product of my company.
Check it out!
Click here or on the picture below to open the interactive infographic.
End to end encryption seems to be the only true secure way to store and share your information using clouservices. Eagerly awaiting Ensafer as a userfriendly option for such encryption!
I realise I am arriving to this rather late, but I could not help but be baffled by your conclusion above. The idea of the cloud is a useful one (though not really a new one), but the entire concept merits some revisiting. What is it about the so-called “cloud” infrastructure that precludes you running all of it from the comfort of your own home? If you’re anything like the average IT user, you may very well have a NAS or mediaserver operating in your home, and that’s really all the cloud you’re ever going to need.
Endpoint encryption is a meaningful solution to a meaningless problem; or, as a friend of mine would say, “You’re asking the wrong questions.”
[…] The World’s Biggest Data Breaches […]