World hit by record wave of 'mega' data breaches in 2013, says Symantec

Over half a billion records compromised

What do Target, AOL, LivingSocial, Evernote, and Adobe have in common with one another? Answer: they were all victims of huge data breaches during 2013, part of a phenomenon that a new Symantec report calcuates has reached epidemic levels.

According to the firm's latest Internet Security Threat Report (ISTR), such 'mega' breaches are only the best-known victims from a spike nobody saw coming after a quiet 2012.

That last year was a record year for data breaches has been apparent for some time, but the scale of the rise revealed in the numbers is still extraordinary. It doesn't seem to matter which measurement is used, what happened was bad, nay appalling, with the number of breaches hitting a record 258, a 62 percent rise over 2012.

This saw 552 million identities compromised, including 8 breach incidents that exceeded 10 million in each case. This compares with the previous high point for data breaches, 2011, which saw 208 breaches, equivalent to 232 million records.

The first uncomfortable fact is this: these are only the ones we know about. Almost all the names on the top ten list are US-based, which doesn't mean they haven't been happening everywhere else too.

The second uncomfortable fact is this: 552 million breached records means that excluding duplicates the criminal underworld now probably knows not just the email addresses of approaching half a billion people but in many cases their home addresses, names and perhaps even social security numbers. And this is only one year's total.

"One mega breach can be worth 50 smaller attacks. While the level of sophistication continues to grow among attackers, what was surprising last year was their willingness to be a lot more patient - waiting to strike until the reward is bigger and better," said Symantec Security Response director, Kevin Haley.

"Nothing breeds success like success - especially if you're a cybercriminal," said Haley. "The potential for huge paydays means large-scale attacks are here to stay. Companies of all sizes need to re-examine, re-think and possibly re-architect their security posture."

Arguably, Haley is wide of the mark on the idea that size necessarily equals significance. While the number and size of breaches is definitely worth paying attention to, even tiny breaches can cause huge potential trouble if the targets are valuable enough. Just ask the 10,000 women whose records were breached after contacting the UK's British Pregnancy Advisory Service for abortion advice.

The hacker accused of that attack threatened to reveal these names and was only stopped from doing so after intervention by the police.

So why was 2013 so bad after a drop in breaches the year before? There is still no convincing explanation for that although Symantec believes that it was the end result of greater organisation and planning by cyber-criminals. The previous breach wave of 2011 was driven by the low-hanging fruit of poorly-secured databases; 2013 used far more organised techniques and intelligence to find the weak spots in enterprises that had tightened some of the easier ways in.

These 'ways in' turn out to include partners, associates and third-parties, many of whom have remote access rights to larger enterprises without themselves having good security. Symantec reckons that two of the most targeted professions include personal assistants and PR people, two groups seen as easy-to-penetrate stepping stones to more valuable targets.

Given the number of attacks on the media by groups such as the Syrian Electronic Army, one could also add journalists to that list even if those are motivated more by ideology than data. The figures for 2014 will be interesting. Was last year an anomaly or a marker for what is now inevitable?

Join the CSO newsletter!

Error: Please check your email address.

Tags TargetPersonal TechEvernotesymantecsecurityLivingSocial

More about Adobe SystemsAOLEvernoteSymantec

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John E Dunn

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place