Of course, you use the internet regularly, from checking your emails to updating your status on social media platforms to performing online transactions. All of these activities involve your data, none of which is safe online. Data thefts happen on a day-to-day basis, and all your valuable information, including your email address, credit card details, passwords, and various other sensitive data, get exposed. And the hard truth here is that not many are aware of the issue’s depth unless and until they are affected by online data theft personally.
With hackers getting savvier with time, the number of online data thefts is continuously on the rise, with the number of records exposed between 1st of January, 2005, and 30th of November, 2019 exceeding well over 1.6 billion. (Source: Identity Theft Resource Center)
With online data theft becoming inevitable, it is only wise to stay aware of the related stats, so here is a closer look at the various online data theft statistics:
TABLE OF CONTENTS
Online Data Theft: General Facts and Statistics
Online Data Theft: Fraud Reports Statistics
As reported in the Consumer Sentinel Network Data Book 2018:
- 3 million reports were received in 2018, of which 1.4 million were fraud reports, covering total fraud losses of $1.48 billion, which is an increase of $406 million from the previous year.
- The top three categories of these reports were imposter scams, debt collection, and identity theft. Of these, identity theft is a form of online data theft.
- Though identity theft was the third most reported category of complaints to the Federal Trade Commission (FTC), they accounted for about 15% of all complaints.
- The top type of identity/data theft was credit card fraud, with 157,688 reports filed.
- While the percentage of identity theft claims saw a decrease of 9.3% from 2015, they again started to increase, by 19.8% from 2017 to 2018.
Online Data Theft: Cost-related Statistics
While the total cost for all the cyber crimes committed around the world adds up to more than $1 trillion for the year 2018, there are separate online data theft statistics that prove that the issue is bigger than we thought. Following are some of the cost-related online data theft stats curated by IBM:
- Average total data breach cost increases.
The average total cost of data breach/theft was $3.86 million, a 6.4% increase from the $3.62 million in 2017.
- The average cost for stolen records also sees an increase.
The average cost for a lost or stolen record due to data breach increased to $148 from $141, a 4.8% increase.
- There is a significant cost difference between companies that deploy and do not deploy security automation.
In companies that deploy security automation, the average cost of online data theft is estimated to be $2.88 million. On the other hand, in companies where there is no security automation, this cost can reach around $4.43 million, a difference of about $1.55 million.
- IoT devices contribute to the cost of online data theft.
With the extensive use of Internet of Things (IoT) devices, there is a $5 increase in cost for every compromised record.
- The US and the Middle East are the costliest.
The United States and the Middle East happen to be the regions where data thefts are the costliest, with the average cost in the former being $7.91 million and $5.31 million in the latter.
- These countries also spend the most post-breach.
Even with post data breach response, the United States and the Middle East spend the most, at $1.76 million and $1.47 million respectively. When it comes to data breach response, some of the practices include inbound communications, help desk activities, legal expenses, regulatory interventions, etc.
- Identification and containment of data breach/theft.
The length of time taken by a company to identify and contain online data theft also has a significant impact on the financial consequences they face. Companies that take less than 100 days to identify such an incident can save over $1 million when compared to those that take more time. Similarly, companies that can contain a data breach within 30 days can again save more than $1 million when compared to those that take longer to rectify the issue.
- Incident Response (IR) team can help reduce costs.
When a company has an incident response team in place, they would be able to save up to $14 for every compromised record.
- Loss of customers also leads to financial consequences.
Data breach/theft leads to loss of customers and their trust towards a brand or company, which in turn leads to financial loss. If customer loss is under one percent, the expected average total cost would be $2.8 million; however, if the same exceeds four percent, the cost would be $6 million, a whopping difference in amount.
Biggest Online Data Breaches
The US-based wireless network operator encountered a major data breach very recently, exposing more than 1 million of its customers. The company confirmed the breach and stated that it was their customers’ data that were stolen and not their password or financial data. The exposed data include name, billing address, account number, phone number, and chosen plan. While it has been claimed that less than 1.5 percent of the company’s customers were only affected by the data theft, the number goes over a million, considering their 75 million customer base.
The 7-Eleven petrol buying app faced a data breach earlier this year, as a result of which customer was able to view the personal data of other users, such as their names, mobile numbers, email addresses, amount of money in their account, and more. With more than 2 million downloads, the extent of this data theft, including the number of affected users, is still unknown.
(Source: The Guardian)
- Patient Records Breach
As mentioned earlier in the article, healthcare is one of the top sectors to encounter the largest number and frequency of online data thefts, which is proved yet again. Around 32 million patient records were stolen just during the first half of 2019, between January and June, which is double than the 15 million records that were breached in the whole of 2018. This is known to be the single largest online data theft disclosed in 2019.
- Capital One
As the third-largest issuer of credit cards in the United States, it took the whole country by storm when the company’s database was hacked by an individual, a former software engineer. The hacker stole the personal data of more than 100 million people, which included 140,000 Social Security numbers and 80,000 bank account numbers. This online data theft is known to be one of the largest-ever bank data thefts, with potentially highly destructive consequences, starting with the company having to spend around $150 million for the breach, which is inclusive of paying for credit card monitoring for those customers affected by the incident.
(Source: The New York Times)
And of course, you cannot easily forget the Facebook scandal. Ever since its launch in 2004, the social media giant has been accused one too many times for privacy abuse and data breach/theft. The recent news is the exposure of the personal records of more than 540 million Facebook users, with their data, including their account names, Facebook IDs, comments, and more, remaining unsecured on a publicly accessible database.
While the social media platform has a long history of disregarding user privacy, this recent one had Mark Zuckerberg in the news for a long time and all the wrong reasons. As a result, the company is known to have lost $120 billion in market cap, and the platform has lost trust from its users, at least of those who don’t want their private details leaked. Furthermore, the Federal Trade Commission (FTC) slapped Facebook with a fine amount of $5 billion for violating consumers’ privacy, which is known to be the largest ever imposed on any company for the given reason.
Online data theft happens daily and in too many places simultaneously for people and experts to keep count and act at once. As you can see, even some of the major players in different industries have been victims to data breach and theft, which cost them not just millions of dollars, to repair the damage caused and to review and tighten their security features, but also the trust of millions of their customers, which is something that cannot be regained. This goes to show us that no one and no one’s data is safe online.
- It has been found that around 76% of hackers have financial motivations behind their hacking and data theft initiatives.
- And when it comes to attacking businesses, 1 in 10 online attack groups are known to use some form of malware to disrupt business operations.
- Despite these staggering numbers and data breaches becoming more prevalent, many companies remain unprepared to prevent and deal with online data theft. Less than 30% of companies use encryption to protect sensitive data of their customers, clients, and of course their own.
Yes, data security is hard; but, it is something that is of utmost importance right now and requires the undistracted attention of business owners. This leads to the need for businesses to now take a proper look at their data security practices and tools and refresh them wherever needed to strengthen their online data security scenario. A few tips to follow are:
- Focus on data security threats from all possible angles.
- Find solutions with which you can do more without having to spend loads of resources.
- Implement different data security measures, beginning with encryption.
- Analyze your existing data security tools and techniques, and invest in modern and efficient tools that are scalable as well.