Data Security, Breach, Privacy, Cloud Security

Hackers went after personally identifiable information the most, study says

Share
Mobile drivers license
A Utah Department of Motor Vehicle employee shows a sample of a digital driver's license on a mobile phone. (Photo by George Frey/Getty Images)

A recently released study that analyzed the top 100 breaches from July 2021 to July 2022 showed that hackers went after personally identifiable information 42.7% of the time.

Out of all of the types of data available for cybercriminals to steal — credit card info, passwords, source code, etc. — the authors of the Imperva study said that PII is the most valuable since criminals can compile more PII from the dark web to then engage in harder to prevent fraud or full-on identity theft.

For the analysis, Imperva looked at publicly available sources from the web, breach reports, hackers’ forums, analysis of stolen database dumps and information from Imperva’s own honeypots. 

What they found was that 27.1% of data breaches were caused by hackers. But Imperva researchers said what struck them most was that the two reasons that tied for second when it comes to root causes — unsecured databases and social engineering at 14.6% — are fairly straightforward to mitigate: “A publicly open service increases the risk of a breach to happen, but in most cases, this is not a failure of security practices; it is rather a complete absence of a security posture,” they wrote.

Ransomware followed as the fourth most common cause of a breach at 10.4%, and third parties caused 7.2% of breaches.

Finance, professional services, healthcare and public administration were the top four industries that recorded the most breaches during the analysis.

An In-Depth Guide to Cloud Security

Get essential knowledge and practical strategies to fortify your cloud security.
Stephen Weigand

Stephen Weigand is managing editor and production manager for SC Media. He has worked for news media in Washington, D.C., covering military and defense issues, as well as federal IT. He is based in the Seattle area.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.