4iQ, a leader in Identity Intelligence, today released the 4iQ 2019 Identity Breach Report, The Changing Landscape of Identities in the Wild: The Long Tail of Small Breaches. Bucking the historical trend of exclusively using data made available from public disclosures and media reporting, the report was built using an extensive collection of breached and leaked data found from open sources in the surface, deep and dark web, using 4iQ’s proprietary systems, breach-hunting team, and data curation and verification methodology.
In this report, 4iQ describes 2018 trends and the changing landscape of stolen identities. In 2018, there was a significant shift with breached data exposed from a greater number of small businesses – the long tail – as hackers targeted unsophisticated and unsecured small businesses and supply chain vendors. The data also showed an increase in large volumes of repackaged and shared stolen passwords, as well as the continuation of 2017’s trend of openly leaking devices. In addition, 2018 saw an increase of open or publicly exposed personal identifiable information (PII) – including voter records and government databases – being packaged for malicious or criminal activity.
“Government was the largest growing exposed sector in 2018, increasing over 291 percent from 2018,” said 4iQ co-founder and CTO Julio Casal. “This may be the result of mid-term elections and increasing geopolitical tensions. For the first time, we saw underground brokers actively including citizen data, such as voter databases, as part of their data portfolio.”
Key Findings in the 2018 Report Include:
- 14.9 Billion Identity records circulating in underground communities reflected a 71 percent increase in 2018.
- Criminals shifted their focus from just large corporations to also targeting small businesses. This resulted in a 424 percent increase in “real” breaches from 2017.
- “Government Agencies” was the largest growing exposed industry in 2018, increasing 291 percent from 2017. This may be due to increasing geopolitical tensions.
- In 2018, for the first time we saw underground brokers actively including citizen data, such as voter databases, as part of their data portfolio packages.
- Notably, the United States and China together accounted for nearly half (47 percent) of all compromised identity records.
“As our personal data continues to get exposed and circulated in underground markets, the problem of identity-based attacks is only growing. Consumers need to do what they can to prevent problems, like enable two-factor authentication, use a password manager, etc. but then they also need to take a proactive approach to protect themselves by signing up for identity theft protection services which include exposure alerts and help with remediation and insurance.” said 4iQ CEO Monica Pal. “In addition, companies should look out for their customers by using this information to neutralize exposed identity information before it can be used for account takeover and detect identity theft and fraud before it becomes a bigger problem.”
4iQ monitors the surface, social, deep and dark web for identity related breaches and verifies the authenticity of those data sets. The 3.5 billion records were curated from more than 14.9 billion raw records stemming from 12,449 breaches 4iQ analyzed.
About 4iQ
4iQ is an identity intelligence company on a mission to empower intel analysts, security researchers, and criminal investigators with capabilities to discover, uncover, and disrupt adversaries. The 4iQ IDLake™ archives more than 14 billion identity records collected from data breaches and leaks found in open sources, on the surface, social and deep and dark web. It powers 4iQ IDHunt™, a pioneering identity intelligence and attribution analysis solution used by Fraud Investigation Units, Anti-Money Laundering and Financial Crime Intel Units, and advanced Security Operations Centers. The 4iQ IDLake™ also powers 4iQ IDTheft™, used by some of the largest Identity Theft Protection service providers, security vendors and Enterprises to alert millions of consumers of exposed personal information, prevent account takeover and identity theft. 4iQ is headquartered in Los Altos, CA and backed by Forgepoint Capital, C5 Capital, Adara Ventures, and Benhamou Global Ventures.
Related Links
http://www.4iQ.com
To view the original article, please click here.
