2018 was a year for some of the biggest data breaches of all time. The resulting identity theft, scams, phishing attacks, and ultimately fraud had a significant effect on consumers and businesses.


Thankfully there are organizations like the FTC and Identity Theft Resource Center that keep statistics on these events and the impact they have.  The statistics they gather and report allow us to see clearly how large the impact of these events really are.



One-Third of All Security Incidents Begin with a Phishing Attack


Phishing attempts continue to be the most common way cybercriminals find their victims.   Phishing emails attempt to get the recipient to take some sort of action. Most likely it will be a request for you to do something that will result in exposing sensitive data, a username, and password.  Or the phishing email could entice the reader to click on what appears to be a trustworthy link that will ultimately re-direct them to a harmful website. A phishing email may even have a macro embedded that installs a virus on the victim's computer when opened.


The Average Victim of a Phishing Attack Loses $500 or More


Regardless of how the phishing attack is delivered, the impact is dire.  According to the FTC, the median loss from a phishing attack is $500. Surprisingly though, Millenials, the people we assume are more tech-savvy, are actually more likely to fall victim to a phishing attack than Seniors.  However, Seniors far outpace Millenials in money lost on average. In the case of those that are 80+ years old, the median loss was over $1,000 as compared to only $500 for Millenials.


There Were More Than 1,100 Data Breaches Reported in 2018  


According to the ITRC’s annual Data Breach Report, there were more than 1,100 data breaches and over 561 million consumer records were compromised by November 30th, 2018. ITRC’s report breaks down data breaches by industry, banking/credit/financial, business, education, government/military and medical/healthcare.


The Business Sector Had the Highest Number of Breaches


Not only did the business sector have the largest number of data breaches, 524, but it also topped the list in the number of customer’s data compromised.  Over 531 million consumer records were exposed. However, the medical/healthcare sector was close behind at 334 separate data loss events. Trailing the pack was education at only 68 data breaches, but they exposed over 1 million records.


Marriott & Cambridge Analytica Lead the Headlines


Although Facebook and the Cambridge Analytica event cannot be classified as a traditional data breach, it dominated the news cycle for quite some time.  That event was an eye-opener on how much at risk personal privacy is when using social media.


The second largest data breach in history was reported late in 2018 by Marriott and Starwood hotels. Over 500 million guest records were compromised, exposing personally identifiable information (PII) such as passport numbers.


Even highly security conscious organizations such as the U.S. Government weren’t invulnerable to breaches.  The breach of the government’s online payment portal, GovPayNow.com, affected over 14 million users.


Incidents at retailers and restaurants like Hudson Bay and Jason’s Deli, exposing 8.4 million consumer records, served to remind us that attacks on Point of Sale (POS) systems are still a very viable threat.


Often the Goal of Cyber Criminals is to Steal Login Credentials


While ultimately the motivation to commit cybercrime centers around getting your money, often the criminal will take a multi-step approach to accomplish that goal.  Security on special interest forums and support sites are typically not a strong as it is around major commerce sites and financial institutions. This makes it much easier for the identity thief to steal login credentials from those sites.  Since most of us like to keep the same username and passwords login credentials we put ourselves at risk. A breach on a seemingly innocuous website where you have an account may provide just what the cybercriminal needs to log in and drain your bank account.  


Cybercrime and Data Breaches Continue to Grow Year After Year


Cybercrime continues to be an extremely profitable endeavor.  As such it’s likely to increase in scope and in volume in 2019 and the years to follow.  The best way we, as the consumer, can protect ourselves is by using strong unique passwords, and taking advantage of security features like two-factor security when available.  Although security measures like these can be extremely inconvenient and annoying, becoming a victim of cybercrime is more so.