Study finds 2.5 billion personal records exposed in data breaches over 2 years
December 13, 2023439 views0 comments
Joy Agwunobi
A new study by Apple Inc. has revealed that more than 2.6 billion personal records have been compromised in data breaches in the past two years. This data includes sensitive information such as names, email addresses, passwords, and credit card numbers.
According to the study, which was conducted in collaboration with the Massachusetts Institute of Technology (MIT), data breaches have increased dramatically in recent years, with the number of breaches tripling between 2013 and 2022. The study found that 1.1 billion records were compromised in 2021, followed by 1.5 billion in 2022.
The report noted that the number of data breaches in the US rose by nearly 20 per cent in the first nine months of 2022, compared to the whole of 2021. This, it noted, highlights the need for more robust security measures, such as end-to-end encryption, to protect users’ data. The report also emphasised that end-to-end encryption should be adopted by all communication services to protect users
End-to-end encryption (E2EE) is a system that ensures that only the sender and recipient of a message can read the contents. It is considered to be one of the most secure forms of encryption and is used by messaging services such as WhatsApp and Signal.
“Organisations must rethink the amount of data they collect and, especially, limit the amount of unencrypted consumer data they retain. It’s also why, in the last year, technology platforms and other industry players have expanded their use of end-to-end encryption,” it explained.
End-to-end encryption uses an algorithm that transforms standard text characters into an unreadable format. It uses encryption keys to scramble data so that only authorised users can read it.
Apple and MIT’s report noted that technology companies are increasing their focus on security by rolling out a number of encryption features. For example, Apple was the first to provide end-to-end encryption by default in its iMessage service in 2011. And in December 2022, it rolled out Advanced Data Protection for iCloud, which adds an extra layer of security to user data stored in iCloud.
Google expanded client-side encryption to include additional Google Workspace products, such as Gmail and Calendar, in February. Meta Platforms announced that end-to-end encryption for personal chats on Facebook and Messenger is now enabled by default, offering an added layer of security for the more than four billion users of those platforms.
“Given the prevalence of data breaches and their real-life consequences for individuals, keeping personal data safe should be at the forefront of organisations’ priorities,” the study said.
Despite the efforts of technology companies to improve encryption and data security, Apple and MIT cautioned that there are still risks and potential vulnerabilities. The report noted that hackers continue to evolve and become more sophisticated, with ransomware attacks reaching an all-time high.
The report also warned that data breaches can have serious consequences for users as personal information that is stolen or leaked can be used for identity theft, fraud, and other malicious activities. Therefore, it is critical for individuals and organisations to take steps to protect their data and be aware of the risks.
According to the report, which cited data from US-based cyber insurance specialist Corvus, the number of ransomware attacks has increased by almost 70 per cent in the first three quarters of 2023, compared to the same period last year.
Craig Federighi, Apple’s senior vice president of software engineering, stressed the company’s commitment to protecting consumer data and fighting the growing threat of cyberattacks. He said that Apple will continue to find ways to improve security and add new protections for users.
“We are working hard to make sure our users feel safe and secure when they use our products and services,” Federighi said.