"Customer and Employee Data the Top Prize for Hackers – Imperva"

Security researchers at Imperva discovered that the theft of customer and employee data accounts for almost half (45%) of all stolen data between July 2021 and June 2022.  Companies’ source code and proprietary information accounted for 6.7% and 6.5% of stolen data, respectively.  The researchers noted that theft of credit card information and password details dropped by 64% compared to 2021.  The data is part of a 12-month analysis by Imperva Threat Research on the trends and threats related to data security.  The researchers stated that the decline in stolen credit card and password data pointed to the uptake of basic security tactics like multi-factor authentication (MFA).  The researchers noted that PII data is the most valuable to cybercriminals.  The researchers stated that with enough stolen PII, they can engage in full-on identity theft, which is hugely profitable and very difficult to prevent.  The researchers noted that credit cards and passwords can be changed the second there is a breach, but when PII is stolen, it can be years before it is weaponized by hackers.  The researchers also found the root causes of data breaches, with social engineering (17%) and unsecured databases (15%) as two of the biggest culprits.  Misconfigured applications were only responsible for 2% of data breaches, but the researchers said that businesses should expect this figure to rise in the near future, particularly with cloud-managed infrastructure where configuring for security requires significant expertise.  The researchers stated that it is concerning that a third (32%) of data breaches are down to unsecured databases and social engineering attacks since they’re both straightforward to mitigate.

Infosecurity reports: "Customer and Employee Data the Top Prize for Hackers – Imperva"