data breach

Data Breaches are a Cumulative Threat

Even if your company hasn’t been hacked or experienced a data breach in the last few years, now is not the time to relax about cybersecurity. 

Data breaches at organizations of any size and in any industry can negatively impact the security of your company. They are interconnected events with cumulative effects. With each additional breach, regardless of whether your enterprise is directly impacted, the potential dangers to your network increase. 

Over the past five years, the frequency of data breaches has climbed, along with the number of users impacted.

Impactful attacks like the First American FinancialColonial PipelineFacebookLinkedIn, and Marriott breaches–just to name a few–have already affected billions of users. But there are likely many other undetected breaches happening all the time to small and mid-sized companies as well.  

There are certainly overlaps among the users affected by these breaches and others. Many individuals are likely victims of all of the attacks, or at least several. 

Why Does Being in Multiple Breaches Matter? 

Each time a user is found in another breach list, it provides more information, and a more complete picture, of that individual to the cybercriminal. 

Breaches can include a variety of information about the associated users, from multiple iterations of their passwords to IP addresses, internal messages, financial information, and other personally identifiable information (PII). The more information a bad actor has, the easier, and more precise, social engineering and password attacks become.

How Do Attackers Take Advantage of Victims From Multiple Breaches?

There are many methods for credential-based attacks. Brute-forced based attacks like password spraying rely on common user habits like password reuse. Cybercriminals might attempt to obtain professional credentials, assuming that users are likely to use the same or similar passwords cross-platform and accounts. Once they’ve hacked into a user’s company account, they can spread malware and do much more internal damage. 

Other times, when cybercriminals already have access to an account, they will send out phishing emails and links to the user’s network, whether through email or a link shared on social media. This happens across personal and professional boundaries too. 

More breaches are on the horizon. With every one, our collective cyber safety posture is a bit more vulnerable. Most users remain unaware of the cumulative dangers of breaches, so the responsibility lies with organizations to lock down user and employee credential security. 

What Defensive Actions Can Organizations Take? 

It’s difficult to know which data breaches each user has been victim to for all their personal accounts, much less ask them to disclose it in a timely manner. It’s much more effective to identify the users that are actively compromised. The most effective solution is to screen for compromised credentials, at the point of creation and on a continuous basis. Letting employees know that their details have been stolen, and automating remediation like forced password changes, can help stymie the flood of data. Act now to solidify your defensive posture, before it’s too late.