Home > 2013 > Identity Theft > 80% of Data Breaches Require Little Skill to Complete

80% of Data Breaches Require Little Skill to Complete

Advertiser Disclosure Comments 1 Comment

There is a large and growing risk of data breaches affecting businesses of all sizes, and the unfortunate truth of the matter is that many of these companies simply aren’t doing enough to adequately protect themselves.

In 2012, nearly seven in every 10 data breaches suffered worldwide were not discovered by the companies that took the hit, but rather a third party, according to the latest Data Breach Investigations Report from the Verizon RISK Team. In addition, 9 percent of these incidents were actually spotted by the customers of the company itself. More concerning, however, might be just how easy it was for hackers to gain access to the data using relatively common and easily avoidable tactics. Nearly three in 10 such incidents were at least partially the result of cybercriminals using email, phone contact or social media networks to gain access to critical information, and more than three-quarters exploited weak or stolen login data.

In fact, nearly 80 percent of all such incidents required very little expertise to pull off, the report said. While one in 10 were so easy the average Internet user could have caused them, another 68 percent were the result of hacking attacks using the most basic methods, requiring relatively few resources to complete. Only one breach suffered in all of 2012 required “advanced skills, significant customizations, and/or extensive resources” to complete.

That is likewise reflected in the amount of time it took to cause most data breaches, the report said. Altogether, 84 percent took hours or even minutes to perpetrate, while these incidents typically took months or even years to discover. Nearly two-thirds of all breaches took at least that long, up from just 56 percent the year before, proving that it’s actually becoming more difficult to spot breaches, as well as contain them. While most were remediated in hours or days, nearly a quarter took months.

Companies that control sensitive information either for their clients or consumers may consequently want to do all in their power to ensure that they are as protected as possible against breaches in general. This can often be as simple as beefing up online security and properly training workers as to the proper basic procedures for protecting this data, but even those easy steps can significantly increase security and reduce liability in the event a business is targeted.

Image: iStockphoto

Comments on articles and responses to those comments are not provided or commissioned by a bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by a bank advertiser. It is not a bank advertiser's responsibility to ensure all posts and/or questions are answered.

Please note that our comments are moderated, so it may take a little time before you see them on the page. Thanks for your patience.

Certain credit cards and other financial products mentioned in this and other articles on Credit.com News & Advice may also be offered through Credit.com product pages, and Credit.com will be compensated if our users apply for and ultimately sign up for any of these cards or products. However, this relationship does not result in any preferential editorial treatment.