Facebook experienced the most data breaches in the past decade

The larger the company, the more attractive it is to hackers.
19 July 2021

(FILES) This file photo illustration photo shows a Facebook App logo displayed on a smartphone. (Photo by Chris DELMAS / AFP)

Data breaches continue to be a concern for organizations around the world. Despite improved cybersecurity protection, cybercriminals still manage to find ways to infiltrate systems and steal data. Be it via malware through emails or endpoints, spear-phishing, and ransomware, organizations around the world have been at the mercy of cybercriminals.

Globally, an average of 30,000 websites is hacked daily with 64% of companies worldwide experiencing at least one form of cyberattack. With remote work taking over most organizations around the world since the pandemic started last year, emails have been responsible for around 94% of malware attacks while ransomware cases grew by 150% in 2020.

According to reports by Cybersecurity Ventures, global cybercrime costs continue to grow and are expected to reach US$ 10.5 trillion by 2025. The cost is expected to be much larger than damages inflicted by natural disasters in a year and will be more profitable than the global trade of all illegal major drugs combined.

This year alone saw several major global organizations being held ransomware or experiencing data breaches on a massive scale. The Colonial Pipeline hack was so severe that it almost crippled the fuel supply into the US while the world’s largest meat supplier, JBS also had its supplies affected following a cyberattack, disrupting the supply chain.

Most Breached Methods

Both these companies reportedly paid millions in ransom to get back their data and have their systems back and running. World leaders have also condemned global cyberattacks with both the US and Russia not only looking to reduce cybercrime but also bring cybercriminals to justice.

Interestingly, cybercriminals now not only target large successful organizations only but focus on any business or industry which has data of high value on the dark web. Intact Software sourced data on the biggest data breaches in history and crunched the data to give an overview of which companies had the biggest breaches and why.

The data showed that web companies are the main targets of cybercriminals. However, the healthcare and financial industry has also experienced increased cyber threats in recent years with cybercriminals targeting high-value data in these industries. Before the pandemic, tourism and aviation data were also highly sought after by cyber criminals but attacks in these industries have since slowed down a bit.

Top 10 most hacked companies

Facebook still remains the company with the most breaches. The company has had 864, 500, 000 million records lost in all its breaches. Despite this, Facebook continues to be a popular application among many users. While the company continues to improve its security and data privacy measures, hackers are also finding newer methods to infiltrate them.

“The worrying news is that Facebook is right at the top of the most-hacked list. A site with over 1.5 billion users, this potentially puts a large number of users at risk and highlights the dangers of sharing personal data on the site. And, if a site the size of Facebook, with its huge budget for security provision, can be successfully hacked multiple times, what does that mean for more modest businesses?” said Emma Duffy, an Intact spokesperson.

She explained that companies like Facebook must provide a greater challenge for hackers than the data within is worth. To ensure that is the case, cybercrime prevention requires dedicated resources and a dedicated plan which should be assessed and monitored regularly by IT teams or managed service providers. As hacking is the most common reason for data breaches, poor security was also an enabler for this. Businesses need to invest more in cybersecurity and protection as cybercriminals were also clearly spending a lot of time and money into their research to decide on how to hack an organization.

Be it in-house cybersecurity teams or managed service providers, organizations need to educate and guide management regarding cybercrime prevention best practices to ensure businesses proactively give themselves the best chance of protecting against incidences and preventing major impact.