View all newsletters
Receive our newsletter – data, insights and analysis delivered to you

Personal data breaches are falling – except in Russia

The number of people affected by personal data breaches fell 95% in the last year, but retaliatory attacks on Russia are growing.

By Claudia Glover

The number of people affected by personal data breaches fell by 95% over the last year, according to a tally by VPN provider Surfshark, as companies and governments invested in cybersecurity. Personal data breaches are on the increase in Russia, however, as hackers target the country in retaliation for its invasion of Ukraine.

The personal data, including passwords, credit card details and email addresses, of nearly 500m people was breached in the first quarter of 2021, according to Surfshark's analysis. In the latest quarter, the figure was just 18.2m.

Significant data breaches in the most recent period include a cyberattack on Hong Kong hotel chain Harbour Plaza in February, which exposed 1.2 million guests' personal data.

The number of UK residents affected by personal data breaches fell by 30% in the first quarter of this year, down to just under 300,000. The figure for the US dropped 47% to 2.5 million.

Personal data breaches in Russia: on the increase

In Russia, however, the number of affected people grew by 11% to 3.6 million.

This uptick reflects retaliatory attacks following the invasion of Ukraine, explains Etay Maor, senior director of security strategy at Cato networks. “With different groups, such as Anonymous and ransomware groups, individuals and government entities all taking aim at Russian organisations, it is not surprising to see these numbers go up."

Despite their connection to the war, most of these data breaches were not strategically significant, says Yelisey Boguslavskiy, head of research at security intelligence company Advintel.

Content from our partners
Harnessing the power of low code and no code development
Signs your accounting software is no longer fit for your growing business
Incumbent banks must transform at speed, or miss the benefits of open banking

“In most of these leaks, many of which were not confirmed or denied by the Russian authorities, the data itself was not particularly valuable and contained information that could be found using Russian-language OSINT engines," he explains. "However, the number of leaks made Russia rise statistically on the scale of having more credentials exposed by hackers.”

By contrast, the number of Ukrainians affected by personal data breaches fell by 67% to just over 200,000. This indicates Russian hackers switching the more strategic attacks, Boguslavskiy argues.

"Cyber attacks against Ukraine were not aimed at credential or email exposure, but at compromising critical infrastructure and data denial," he says. "These attacks were more advanced and more destructive than simple [personal data] leaks, however, because they did not manifest themselves as credential exposure, they were not reflected in the observed trends."

Why are personal data breaches falling?

The falling number of people involved in data breaches reflects investment in cybersecurity by governments and businesses, says Amy DeCarlo, a principle analyst at business intelligence firm GlobalData. “Many countries have more effectively prepared their defences over the last two quarters," she says. "Cybersecurity has become an important investment priority."

Geopolitical leaders and global corporations have also made cybersecurity a priority, adds Rajesh Muru, principle analyst in cybersecurity at GlobalData.

“Counter attacks by UK and Western outfits are a key focus and resource on stepping up cybersecurity across Ukraine and US," he says. And "companies like Microsoft blocking or taking down source domains of known state-backed hacking outfits would play a role.”

Read more: Greencore case highlights risk of employee data breach claims

Topics in this article: ,
Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy
SUBSCRIBED

THANK YOU