Get Permission
ShinyHunters disclosed its breach of dating site MeetMindful.com by dumping stolen data on the cybercrime forum RaidForums.
The ShinyHunters cybercrime operation runs a data exfiltration and sales business that appears to be off to a roaring start again this year, following on the heels of its data breach spree last year. ShinyHunters released a tsunami of sensitive data in 2020, says cybersecurity firm Risk Based Security, noting that the group had been tied to data dumps that ultimately exposed over 550 million user records. They will breach a company, sell the data privately, then once that breach becomes more available, they will leak it to still build hype.
Data Breaches: ShinyHunters Dominance Continues bankinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from bankinfosecurity.com Daily Mail and Mail on Sunday newspapers.
Reported U.S. data breaches and inadvertent data exposure in 2020 (Source: ITRC)
The number of data breaches being reported in the U.S. and elsewhere each year continues to decline. But security experts say this unfortunately can be explained by criminals increasingly focusing on lucrative ransomware and business email compromise scams, which require scant data to be successful.
In the U.S., reported data breaches and inadvertent data exposure incidents decreased by 19% from 1,473 in 2019 to 1,108 in 2020, as did the overall number of exposed records, according to the Identity Theft Resource Center, a nonprofit organization based in San Diego, California, that provides no-cost assistance to U.S. identity theft victims to help resolve their cases. The ITRC recently released its 15th annual Data Breach Report.
Breach Data Highlights a Pivot to Orgs Over Individuals
In 2020, breaches were down by 19%, while the impact of those compromises measured in people affected fell by nearly two-thirds.
Both the number of data breaches and the number of individuals affected by data breaches plummeted in 2020, as attackers moved away from collecting mass amounts of information and instead targeted user credentials as a way to infiltrate corporate networks to install ransomware.
That s according to a new report, out Jan. 28 from the Identity Theft Resource Center, which estimates that more than 300 million individuals were affected by data breaches in 2020, a large number but a drop of 66% over the previous year. In addition, the number of reported data breaches fell to 1,108, a decline of 19% over 2019.
As the COVID-19 pandemic grabbed 2020 headlines, the list of data breaches in government and the private sector quietly grew. And then came SolarWinds. What’s next?