Home Malware 2019 in review: data breaches, GDPR’s teeth, malicious apps, malvertising and more

2019 in review: data breaches, GDPR’s teeth, malicious apps, malvertising and more

by ethhack

Midyear reports showed a 54 percent increase in breaches over last year with more than 4 billion records compromised. The year is ending with news about breaches impacting customers of Macy’s and T-Mobile. Disney’s new streaming service, Disney+, wasn’t even online for a full day before hackers got in and compromised user accounts.

Data breach landscape

Despite the fact that 2019 saw an increase in breaches, there was something noticeable absent – there wasn’t one truly massive data breach. I’m talking about the Equifax, Yahoo, Marriot, TJ Maxx, and Target magnitude. For the past decade, just about every year has been punctuated by a signature data breach, one that made headline news for months and that are still talked about to this day. While 2019 might end up being the year with the most data breaches, there was no single massive data breach with lasting headline impact.

That’s not to say there weren’t major incidents. Hackers installed surveillance software on WhatsApp that had the potential to compromise more than a billion users worldwide. Fortnite users were warned they could be at risk after users were hit by ransomware. But while these incidents could have been huge, it appears that they didn’t have the type of impact the hackers might have hoped for.

It can’t be just luck. We know that the bad guys are still extremely active and aggressive, but have large organizations taken notes from these previous massive incidents and become better at protecting their large pools of data? Are they taking advantage of evolving security tools leveraging AI to detect and stop attacks before the damage is done? Are they more focused on basic security hygiene and practices, processes and training, so that if there is a breach, they are able to respond more efficiently? Something has changed in 2019 when it comes to that massive signature data breach – one that is a positive step forward.

GDPR has teeth

GDPR went into effect in May 2018. By September 2018, British Airways had disclosed its data breach had impacted 500,000 people. GDPR fines were imposed in 2019 at $230 million, or the cost of two jumbo jets for the airline.

So, yes, 2019 saw that GDPR has teeth. And this fine is chump change compared to fines expected for large tech companies; Facebook is facing fines of nearly $2 billion. Vulnerabilities were found in the Facebook code that allowed hackers to steal access tokens, affecting millions of EU users.

Copyright © 2019 IDG Communications, Inc.

Source link

Related Articles

Leave a Comment