IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

One billion personal records exposed in 2014, warns IBM

Researchers bemoan poor passwords and operating system vulnerabilities

More than one billion personal records were leaked online in 2014, according to IBM's security research team.

The total is 25 per cent higher than the 800 million personally identifiable information (PII) records leaked in 2013, the X-Force team revealed yesterday.

The experts called 2014 a "white knuckle rollercoaster ride" in which data breaches, malware and mobile app vulnerabilities all contributed to the huge volume of data exposed.

However, three overarching themes emerged weak passwords, critical vulnerabilities in operating systems, and sensitive photos stored on cloud services.

The Threat Intelligence Quarterly report read: "When we look back in history to review and understand the past year, you can be assured it will be remembered as a year of significant change.

"Breaches and security incidents were being announced so rapidly in 2014 that many struggled to keep up.

"By the end of the year, we began to see that this digital storm of attacks would not cease, but instead would likely become larger, grow more encompassing, and raise increasingly important personal privacy concerns, as evidenced by the breach at Sony."

The majority of data was stolen from US companies such as Sony, which suffered embarrassing email leaks alongside unreleased films and staff data.

Retailer Target was found guilty of ignoring an early-warning system when 70 million customer records were stolen at the turn of the year.

Photos of naked celebrities were leaked after hackers broke into Apple's iCloud service.

IBM referred to vulnerabilities including Shellshock, and this year's newly discovered FREAK, adding that good old-fashioned malware continued to play its part, with cyber criminals using it to hit banking firms and other industries.

It also found that ransomware became more popular in 2014, with hackers either threatening sites with DDoS attacks or encrypting a user's data until a fee is paid.

The team concluded: "A review of the breaches in 2014 shows a mix of attackers targeting low-hanging fruit ... as well as using sophisticated, custom exploits to reach high-profile targets with surgical precision."

Featured Resources

Meeting the future of education with confidence

How the switch to digital learning has created an opportunity to meet the needs of every student, always

Free Download

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana

Cost savings and business benefits

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

Technology reimagined

Why PCaaS is perfect for modern schools

Free Download

Recommended

Ten ways to protect your company from the next big data breach
data breaches

Ten ways to protect your company from the next big data breach

18 Feb 2022
Gumtree site code made personal data of users and sellers publicly accessible
data protection

Gumtree site code made personal data of users and sellers publicly accessible

16 Dec 2021
Pizza chain exposed 100,000 employees' Social Security numbers
data breaches

Pizza chain exposed 100,000 employees' Social Security numbers

19 Nov 2021
83% of critical infrastructure companies have experienced breaches in the last three years
cyber security

83% of critical infrastructure companies have experienced breaches in the last three years

11 Nov 2021

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

7 Jun 2022
The top programming languages you need to learn for 2022
Careers & training

The top programming languages you need to learn for 2022

23 Jun 2022
Attracting and retaining talent through training
Sponsored

Attracting and retaining talent through training

13 Jun 2022