The worst—and most preventable—data breaches of 2019

According to Dark Reading, a leading information security news source, 2019 is likely the worst year for cyber-attacks and data breaches in history. In just the first nine months of 2019, over 7.9 billion records were exposed from 5,000 breaches. Almost half of those records were exposed in six giant data breaches.

While malicious actors were partly responsible for the breaches, millions of records were exposed on accident by companies and individuals who did not know how to properly protect or dispose of their information. As cybercriminals become trickier and data breaches become an ever-present threat, secure data destruction is more valuable than ever.

In 2020, be aware of how you and your organization dispose of your information. It could save you from devastating data breaches like these.

Breach 1: First American Financial Corporation

In May, Fortune 500 real estate title insurance company First American Financial Corporation realized there was a common design flaw in its website exposing over 885 million financial records. Due to this web design issue, anyone who knew where to look on their internet browser could find First American user’s records dating back to 2003.

The exposed files included account numbers, statements, mortgage records, tax documents, wire transfer receipts, Social Security numbers and photos of drivers’ licenses. Although the breach was an accident, malicious actors exploited the breach quickly. Forbes encouraged anyone who had worked with First American starting in ’03 to freeze their credit until further notice.  This obvious inconvenience happened to millions of people whose information should have been safe.

Breach 2: Verifications.io

Verifications.io, a third-party email address verification platform, leaked over 763 million records in early 2019. Security researchers Bob Diachenko and Vinny Troia stumbled upon the breach when they discovered “the biggest and most comprehensive email database” they had ever reported. The database was not password protected and quickly led them back to Verifications.io.

Some of the exposed data included email addresses, names, genders, IP addresses, phone numbers and other personal records. Again, it impacted millions of people. It also included business data like employee information and revenue data from a variety of businesses. According to the researchers, this is the largest breach from a single source ever.

Breach 3: Small Businesses

Big corporations are by no means the only companies vulnerable to data breaches. By September 2019, about one-third of small businesses in the United States had been victims of breaches. Breaches on small businesses can be targeted attacks, simple accidents, or internal malicious actors.

While data security for small businesses is not widely publicized, the fastest-growing segment is organizations with less than 50 employees. These data breaches are not only cyber but also occur from the mishandling of paper documents as well.  Small companies are less likely to have comprehensive cybersecurity measures and policies aimed at the proper disposal of their unneeded but confidential data.

For more information on how to prevent a data breach, contact DataShield—a nationally certified information disposal and electronic recycling company dedicated to your security.

Start protecting your documents and data now.