If you flew on Malaysia Airlines in the past 10 years, had a Facebook account or use T-Mobile for your cellular connection, the likelihood of your personal information floating around on the dark web — or anywhere online — is high. It's so likely that a new report shows the number of people in the U.S. compromised by data breaches are up an astounding 564 percent already for the first quarter of 2021.
People continue to be wrapped into data breaches at astronomical rates — to the tune of 51 million in the U.S. alone for the first quarter of 2021. So says a new report from the Identity Theft Resource Center (ITRC), founded in 1999, which reports that the number of people — not companies — having their phone number, email address or some other form of data compromised increased 564 percent from the fourth quarter of 2020 to the first quarter of 2021.
And the primary methods attackers use to get this information? They're turning to ransomware or phishing — and they're not just going after people, they're hitting companies.
ITRC pointed to trends that have been echoed by the FBI and other groups that hackers are preferring to go after big companies because they can aim at one target, but grab a lot of information in the mix. And that's why the number of overall U.S. compromises have only increased 12 percent over the same period — but have netted many more fish, or data points.
"While the number of data compromises is only up slightly, the rise in supply chain attacks is troubling," said Eva Velasquez, ITRC's president and CEO in a statement. "Supply chain, phishing, and ransomware attacks reflect a broader trend that cybercriminals want to exploit multiple organizations through a single point-of-attack. The most important action people can take to help protect themselves is to exercise good cyber-hygiene habits."
These breaches happen so frequently around the globe, that it's hard not to imagine someone not affected. After all, more than 500 million Facebook users had their phone numbers, birthdates and more leaked online — just this year — through what the social media company claimed came from the site being scraped. Took a trip in the past 10 years on Malaysia Airlines? Your name and even your gender may have been breached along with your birthday and frequent flyer details. And if your phone is connected with T-Mobile, your phone number and call records may have been breached as well. And this all happened just in the first few months of 2021.
Attacks on big companies are not something individual people can control much. They can however, learn how to recognize signs of phishing, and also take steps to secure their digital accounts and data, and lock down as much of their data — and maybe avoid being a data victim themselves.