2020 data breach

2020 is on the path to becoming a record-breaking year for data breaches and compromised personal data.

A recent article released by cybersecurity and antivirus firm Bitdefender shows that 8.4 billion records have already been exposed, and that’s only accounting for the first quarter of 2020. For comparison, that’s a 273% increase over the first two quarters of 2019 combined.

“While the number of publicly reported breaches in Q1 2020 decreased by 58% compared to 2019, the coronavirus pandemic gave cybercriminals new ways to thrive,” wrote Bitdefender researcher and blogger Alina Bizga. “Phishing scams skyrocketed as citizens self-isolated during the lockdown, and social-engineering schemes defrauded Internet users of millions.”

Some of the larger data breaches and compromises of 2020 to date include:

  • Unnamed UK cybersecurity firm (5 billion records): Security researcher Bob Diachenko discovered an unprotected Elasticsearch instance containing more than 5 billion records of records collected–you read that right–somewhat ironically, from previous data breaches by a UK-based cybersecurity firm.
  • Estée Lauder (440 million records): Cosmetics giant Estée Lauder disclosed a data compromise that exposed 440 million records, including internal emails.
  • MGM Resorts (10.6 million records): Personal information, including names, email addresses, birthdates and passport numbers if over 10.6 million customers of MGM Resorts was found posted on a hacking forum.
  • Marriott (5.2 million records): Hackers successfully breached the accounts of two Marriott employees and compromised the PII of at least 5.2 million hotel guests, including names, birthdates, mailing addresses, phone numbers, email addresses, and birthdates.
  • Quidd (4 million records): An archive of 4 million usernames, email addresses, and hashed passwords from online marketplace Quidd were found online following an April data breach.