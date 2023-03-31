Like it or not, cybercrime is prolific. With an estimated 8,000 cyberattacks per year, staying secure online simply can’t be assumed or left as an afterthought. Being savvy with your internet security is as much about keeping your passwords complex and secure as it is about installing a reliable VPN and remaining vigilant with two-factor authentication (2FA).

More and more companies are falling victim to cyberattacks, phishing scandals and ransomware leading to data leaks, huge payouts and often lawsuits. It’s clear that cybercriminals are getting increasingly creative, that anyone can be targeted and that there is still a lot to learn around prevention and recovery.

There is a hacker attack every 39 seconds and 2023 has already seen a number of high-profile cybersecurity incidents, with some rumoured to be recurring attacks from previous years or even months before, and some big data leaks on smaller companies in the healthcare sector.

According to IBM Security’s Cost of a Data Breach Report for 2022, 83 per cent of organisations have had more than one breach and 42 million records were supposedly exposed due to data breaches between March 2021 and February 2022. Alarmingly, these records can include anything from first names and email address, to passport copies, sensitive healthcare information and financial details.

Generally speaking, data breaches are taking longer to identify and contain than in previous years — with ransomware-related breaches taking 49 days longer in 2021 than the average time in previous years, according to IBM. Although most people would assume that the risk of data leaks would be higher in companies that haven’t got a fully-fledged cybersecurity team in place (for example, a small hospital), cases such as the latest Twitter cyberbreach prove that companies with perceived high cybersecurity won’t always outsmart a hacker.

According to Mimecast’s State of Email Security Report for 2023, the threat of cyber incidents is now one of the most important global risks to businesses, following the Allianz Risk Barometer survey which highlights how the risks involved might outweigh climate change, staff shortages and even the likelihood of recession.

While not all cases of a data breach lead to fraud or identity theft, compromised data is still an expensive business for companies and the repercussions stretch further to impact consumer trust and brand reputation, not to mention the mental and financial health of anyone directly involved.

Our expert researchers have compiled the most notable data breaches of 2023 so far which have led to millions of records being leaked or exposed – 346,758,345 to be precise – in one way or another. Records or data include basic personally identifiable information (PII) which can be used to identify someone – such as a name, date of birth, address, and phone number – and in some cases records may have included social security numbers, financial or sensitive health information.

Looking more closely at the data, there were 1.9 million people affected by data breaches in April 2023 and numbers have crept up for March and February, also, as new cases of data breaches have been reported around the globe. T-Mobile discovered another breach on 27 March, although 836 is a relatively small figure compared to the 37 million customers affected in their breach in January, it’s certainly enough to eat away at the brand’s credibility.

Each case varies and, although not all reports are officially “confirmed”, they carry lots of potential risk. For example, the millions of Brits now with potential data compromised due to a Labour phone banking system glitch, while across the pond, iD Tech still isn’t confirming a breach, which potentially exposed almost one million user records, even though the incident has been reported and many of those involved were made aware by Have I Been Pwned.