-
- Data leaks are on the rise
- They are very dangerous for businesses and individuals alike.
- Solutions exist to avoid the worst
This is an alarming report to say the least. The Identity Theft Resource Center (ITRC), a non-profit organization that was launched to help victims of identity theft, has just released its annual survey for 2022.
Data leaks on the rise
The organization has estimated that 422 million people were victims of data theft last year. If these leaks have no consequences for many of them, it can also end very badly with in some cases identity theft and many problems in asserting their rights.
Concretely, this represents an increase of 41.5% compared to the total reported by the ITRC in 2021. Among the biggest data leaks, we find Twitter. The personal information of 220 million users has allegedly been put up for sale on the dark web.
Among the most stolen personal data last year, the report cites first and last names, e-mail addresses, passwords, and certain more compromising elements such as social security numbers, which are often used in identity theft cases.
The ITRC also denounces the lack of transparency of certain platforms, since only 34% of data breach reports contain precise details of what was disclosed during the data breach. However, it is important that Internet users are well aware of the danger in order to take preventive or mitigation measures in cases where the leak is already concrete.
How to protect against data leaks?
If this report mainly concerns the United States, the Internet has no borders and this problem is also a big issue in France. In an articlethe cybersecurity company Proofpoint also provides valuable advice to companies to combat personal data leaks.
Experts insist on the danger of e-mails in the context of phishing attacks. It is therefore necessary to adopt a security solution adapted to this issue. This includes basic email screening and content analysis that identifies the different types of messages that target your employees.
They also suggest email authentication such as Domain-based Message Authentication Reporting and Conformance (DMARC) to ensure legitimate email authenticates properly and fraudulent activity under your organization’s control is blocked. »
Another tip: data loss prevention, which prevents sensitive information from leaving your gateway.
Finally, raising employee awareness of cybersecurity issues is essential. Training sessions can incorporate simulations of phishing attacks. The implementation of a reporting tool that can quickly identify hacking attempts is also suggested.
