A new study looking into data breaches in 2019 found that on average, a US citizen had their personal information leaked to the public at least four times. This is only based on publicly reported data and leaves out hundreds of other breaches that may have occurred behind closed doors. 

Interest.com pulled together multiple sources of publicly available data from 2019 on all of the data breaches announced by a variety of companies including social media sites like Facebook, which had three of the largest breaches last year. 

“The most common outlets for breached data were Social Media Sites, Tech (Apps, other software) and Websites (including online retail) so take care to only use your passwords once on each site so that a single personal data exposure doesn’t expose your entire online world,” the report stated.

“What makes these data breaches so scary and infuriating, is that we want and sometimes need to trust companies such as Facebook, Adobe and First American with our personal information,” the report said. “Personal digital hygiene would not have prevented many of these back-end data breaches but it can help minimize the impact.”

SEE: Special report: Cybersecurity in an IoT and mobile world (free PDF) (TechRepublic Premium)

The study notes that this average is dependent on how often you use the internet, with your likelihood of being involved in a breach relying heavily on your level of activity online. There are also different levels of “personal information” that were leaked in breaches last year. 

Some involved just passwords and usernames for that specific site while many, like those from Facebook, included detailed information on people or financial information. 

Warren Poschman, senior solutions architect at security company comforte AG, said the more digital companies expand and increase their attack surface online the harder it becomes to keep user data safe.

“Often organizations only discover backdoors and other vulnerabilities long after hackers have already used them which is too late,” Poschman said. “Therefore, the most effective way to reduce the risks associated with breaches is to protect the sensitive data itself, while making it useless for attackers.” 

The report includes the 14 largest breaches in 2019 and the reported number of records exposed. First American Corporation had the largest breach in 2019 of 885 million records while Facebook had three separate breaches exposing a total of at least 808.5 million records. 

TrueCaller, Zynga, Capital One, Quest Diagnostics, Adobe, and DoorDash also had large breaches exposing millions of records to the internet. 

Timothy Chiu, vice president of marketing at K2 Cyber Security, said data breaches will continue to increase as attackers work harder to gain access to systems.  

“Security today is both the responsibility of the company that has your data, as well as the individual user. Organizations need to re-evaluate how they do security, because doing the same thing hasn’t been working. Security for their internet facing applications needs to be considered from the start of the app design and continue through production and deployment,” Chiu said.   

“Unfortunately, the pandemic has meant that many organizations have rushed applications to production for use by their employees. We may be seeing more successful attacks and more data breaches during the pandemic because of this. End-users also need to do their part to make their online accounts safer.  While many continue to resist using different passwords and changing their passwords regularly,  those steps will help keep their online data safer.”

Cybersecurity Insider Newsletter

Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays

Sign up today

Also see