Data breaches are a common phenomenon in the world of data and can pose serious threat to organizations. When a data breach occurs, a company’s reputation is at risk, and fines from legal authorities may be imposed. The costs of such breaches can be enormous. According to IBM’s Cost of a Data Breach Report, issued in conjunction with the Ponemon Institute, in 2021 the average cost of a data breach reached $4.24 million per incident, in healthcare it was $7.13 million. Let us walk you through the biggest data breaches of 2021.
#1 Twitch
Number of records leaked: 5 billion
The Amazon-owned streaming service experienced a data breach in October. There was an error in a Twitch server configuration change that resulted in access to 100GB of data by a malicious third party and data leak.
An investigation was launched immediately, the company fixed the configuration and secured the systems. This leak was caused by a human error, hence an insider threat.
Types of data exposed:
- User data
- Client list
- Twitch’s source code
- Security tools
- Three years of payment information
#2 Astoria Company
Number of records leaked: 30 million
Astoria Company LLC focuses on lead generation from various websites and collects data for its clients.
In January, the team at Night Lion Security discovered several new breached databases of Astoria Company for sale on the dark web. Night Lion notified Astoria Company, the company was not aware of the breach.
Types of data exposed:
- Social security numbers
- Bank accounts
- Driver’s license numbers
- Names
- Email addresses
- Dates of birth
- Mobile phone numbers
- Physical addresses
- IP addresses
- Credit history
- Medical data
- Home and vehicle information
#3 Park Mobile
Number of records leaked: 21 million
Park Mobile provides the largest cashless parking app in the U.S. In March, the company experienced a data breach in which the personal data of 21 million customers was sold online by Russian hackers.
The breach occurred due to vulnerability in a third-party software that is being used by the company. Park Mobile immediately launched an investigation, notified legal authorities, and recommended that customers change their passwords.
Types of data exposed:
- License plate numbers
- Email addresses
- Phone numbers
- Vehicle nicknames
#4 ClearVoiceResearch.com
Number of records leaked: 15.7 million
ClearVoice Research focuses on market research surveys. In April, the company discovered that a backup file of one of their survey databases from 2015 was exposed and sold online.
The company launched an investigation, located the backup file, secured it and eliminated any further exposure. Other files were checked to see whether they were secured properly against other breaches.
ClearVoice Research reset the passwords of people whose data might have been compromised and implemented security measures to prevent the recurrence of such an event.
Types of data exposed:
- Names
- Email addresses
- Addresses
- Home addresses
- Phone numbers
- Dates of birth
- Passwords from 2015
- Responses to various questions (such as health conditions, political affiliation and ethnicity)
#5 Jefit
Number of records leaked: 9.05 million
Jefit is a workout tracking app. In March, the company experienced a data breach due to a security bug. The breach impacted clients’ accounts that were registered before 20th September 2020.
The company secured the servers and impacted accounts immediately and launched an investigation and contacted the authorities. Jefit also adopted new security measures to avoid another breach in the future.
Types of data exposed:
- Account usernames
- Email addresses associated with the accounts
- Encrypted passwords
- IP addresses when creating the account
How to avoid data breaches
There are various ways to avoid data breaches. The tips below might help you to protect your company’s valuable data.
- Identify all the sensitive data in your company and review who can access it and why.
- Review security policies and make sure they are not too difficult to understand and follow.
- Educate your employees and reiterate why data security is important.
- Implement a DLP solution that helps you to perform security audits and set and manage security policies.
Eighty-five percent of companies experience a data breach and 60% of small businesses close within 6 months due to a major data leak. At Safetica, we help all companies, large and small, from various sectors to protect their data against leakage and insider threats.
About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About Safetica
Safetica is to provide small and mid-sized companies with the same quality data protection that corporations have – affordably, and without any additional IT administration or disruptions in operation.