Survey result: 45% of businesses faced a data breach in last 12 months

The data breach report is based on a survey conducted by Kaspersky and B2B International on September 30, 2020. Researchers interviewed 4,179 businesses globally, with 50 and up to 4,999 employees. Surveyed companies are from the following 5 industries: financial services, government, manufacturing, IT and telecommunications, retail and wholesale.

Analysis reveals that out of the 4,179 businesses, 45% lost data to hackers in the past 12 months. IT and telecommunication companies saw breaches most often, with 53% of companies losing data. IT and telecommunication businesses often have customers’ financial information, in addition to other sensitive data, such as private conversations, social security numbers, and addresses.

Next up is the retail and wholesale industry, in which 52% of businesses experienced a data breach in the last year. Such cybersecurity incidents in retail businesses can damage the brand’s reputation, which leads to losing numerous customers, especially those who are privacy-conscious.

Third on the list is financial services, where exactly half of the respondents stated that their business lost sensitive data to fraudsters. Breaches in the financial industry are a huge concern since an unnoticed leak allows cybercriminals to drain the victims’ bank accounts.

Companies in the government sector are not an exception to the rule, as 46% of them had a data leak in the last 12 months. Attacks aimed at the government are more often than not supported by foreign authorities, whose aim is to obtain political and military information.

Finally, manufacturing and industrial companies experienced data breaches least often, but still a significant amount, at 43%. The danger is mostly to the businesses themselves, as competitors hire hackers to steal inside data which would destroy the competitive advantage the victim company had.

Most common threats overall

Shockingly, as many as 78% of surveyed businesses reported some kind of a cyber threat in their systems last year. On average, a cyber incident caused $312,117 in damages.

Besides data breaches, viruses and malware are the most common threats detected. Over 43% of companies experienced viruses and malware in their internal network in the last 12 months.

There is a wide variety of viruses and malware created by hackers. Nonetheless, the overwhelming majority of them are created to make money illegally.

Also, 39% of companies reported that bring-your-own-devices (BYOD) had been infected by malware as well. Some companies provide all the needed equipment for work, while others require employees to bring their own computers and mobile devices. Company-owned equipment usually has at-least some security measures in place as soon as the employee gets the device. However, that is not the case with BYOD equipment. There is no guarantee that employees update their computer software, which leaves vulnerabilities that hackers can abuse.

The fourth most common cyber threat in businesses globally is crypto-malware and ransomware. Crypto-malware is a type of ransomware that encrypts a user’s files and demands a ransom. Fraudsters can also steal the data, delete it from the company’s database, and request a ransom (usually in Bitcoin) to get back the data. Unfortunately, companies often choose to pay the ransom to avoid damaging their public reputation, hence further encouraging such attacks.

DDoS attacks are one of the most known types of cyberattacks, which affected 34% of companies globally in the last 12 months. DDoS is short for Distributed Denial of Service, and it is an attack used to crash a service or a website, making it temporarily inaccessible to its users. Although individuals suffering from DDoS attacks, typically, cybercriminals target services instead. They often attack services hosted on high-profile web servers, like banks or credit card payment gateways. Revenge, blackmail, and activism are the most common reasons behind the performed attacks.

Source: atlasvpn

Photo by Kevin Ku on Unsplash

Share on facebook
Share on linkedin
Share on twitter
Share on pinterest
Share on print
Share on email

Latest Blog Posts

dpa gdpr

Data Protection Authorities (DPA)

Data Protection Authorities (DPA) Data Protection Authorities (DPA) are independent public authorities that supervise, through investigative and corrective powers, the application of the GDPR. They

Read More »

Zpracovává vaše společnost osobní údaje?

Zpracovávat vaše společnost osobní údaje fyzických osob, jako jsou:

  • Údaje zaměstnanců, zákazníků, uchazečů o zaměstnání nebo pacientů včetně:
    • Jméno nebo osobní identifikační číslo
    • Kontaktní údaje (e-mailová adresa, telefonní číslo, adresa)
    • Bankovní údaje, plat, údaje o pasu nebo jiné osobní údaje


Ar Jūsų įmonė renka ir tvarko fizinių asmenų asmens duomenis? 

Asmens duomenys gali būti:

  • Kliento, darbuotojo. paciento, kandidato į darbo vietą ir kt. 
    • Vardas ar asmens  numeris 
    • Kontaktinė informacija (el.pašto adresas, telefono numeris, adresas ir kt)
    • Banko sąskaitos  duomenys, atlyginimo dydis, paso duomenys ar bet kokia kita asmeninė informacija. 

Onko yrityksessäsi enemmän, kuin 250 työntekijää?

Kas teie ettevõte kogub ja töötleb isikuandmeid?

Kas teie ettevõte kogub ja töötleb füüsiliste isikutega seotud andmeid nagu näiteks:

Töötajate, klientide, tööle kandideerijate, patsientide:

  • Nimi, isikukood
  • E-posti aadress, telefoninumber, kodune aadress
  • Pangakontonumber, palgasumma, krediitkaardiandmed või mõnda muut tüüpi isiklikud andmed

Does your company collect any personal data?

Does your company collect and process any personal data of natural persons such as:

  • Employees, Customers, Job Applicants or Patients including:
    • Name or personal ID number
    • Contact details (Email address, Phone number, Address)
    • Bank details, Salary amounts, Passport details or any other personal data