We are living in internet-reliant times. Everyone outsources and shifts aspects of their lives to online sources like social media, dating apps, and online workplaces and educational websites. With COVID-19 forcing us to emphasize online activities, the possibilities for data leaks are ever-growing.

Data leakage incidents are not always intentional, though most of the time, they are. Phishing attacks or malware sent via email and links are just some common examples. Both have high success rates, and once the malware is successfully installed on a device, leaking data is very easy. Private user information, including addresses, phone numbers, and more sensitive data like credit card numbers or passwords, are worth millions of dollars on the market.

845 GB of Data Leaked!

Recent examples showing the extent of leaked data in 2020 alone seem astonishing. Just a few weeks ago, nine dating apps leaked 845 GB of data. It may not sound a lot, but in fact, the leakage comprised private information of a few hundred thousand users. The leak includes explicit photos and messages that people would likely have instead kept confidential.

 Independent security researchers discovered the security breach for all affected websites.

The most shocking part of their discovery is that not a hacker was responsible for the leak but the companies themselves due to their careless configuration of the apps.

A standard workflow of data exfiltration. The hacker finds a way to infiltrate into the company infrastructure and after that uses other already hacked infrastructure to exfiltrate the data.

These websites and apps are mostly unknown, but data leaks can also happen to popular websites with millions of user account information leaked and stolen.

Big or Small – You’re Not Safe From Leaks

In 2014, a prominent commercial website’s entire user account list was leaked, with 145 million people affected. Users had to change their passwords as a consequence.

In 2012, a big social media website became a target, and 165 million business professionals’ data was readily available for sale. All users changed their passwords as well.

Other cases did not proceed as mildly. Big design software company in 2013 asked to pay their users 1.1 million dollars in compensation after credit card records and password leakage.

In 2021, the risk of data leakage is higher than at any time before; there have been numerous data breaches already, including major companies, universities, and cybersecurity providers. 

In October 2020 alone, there were 117 data breaches, the highest number recorded for a single month. Fortunately, only about 18 million user information leaked, less than the yearly running total of compromised data records of 19.5 billion. The most breached sectors were healthcare and health science, education, and the public sector.

All of these numbers show that the protection of one’s data in a time where everyone has an online presence is crucial. With COVID-19 inevitably shifting our lives towards online resources, it is up to us to take the necessary measures to protect our private information.