Hackers using stolen or compromised employee credentials led to the most expensive data breaches over the past year, a study by IBM Security has found.
IBM, which has security development teams working in Cork, published the results of a global study examining the financial impact of data breaches, revealing that these incidents cost companies €3.28m per breach on average. Analysis of data breaches experienced by more than 500 organisations worldwide found that in 80% of cases customers’ personally identifiable information was exposed.
As companies are increasingly accessing sensitive data via remote work due to Covid-19, the report sheds light on the financial losses that organisations can suffer if this data is compromised.
A separate IBM study found that over half of employees new to working from home due to the pandemic have not been provided with new guidelines on how to handle customer information.
Stolen or compromised credentials and cloud misconfigurations were the most common causes of a malicious breach for companies in the report, representing nearly 40% of malicious incidents.
With over 8.5 billion records exposed in 2019, and attackers using previously exposed emails and passwords in one out of five breaches.
Major breaches where more than 50 million records were compromised saw costs jump to €333m from €330m the previous year.
The report also found that companies who had fully deployed security automation technologies experienced less than half the data breach costs compared to those who didn’t have these tools deployed.
With changing work models creating less controlled environments, the report also found that 70% of companies expect it will exacerbate data breach costs.