Cybercrime Personal and employee data is a goldmine for hackers


Level 26
Thread author
Top Poster
Aug 17, 2017
Personal and employee data is a goldmine for hackers, who are now apparently more focused on obtaining these types of data than any other, new research has claimed. A report from Imperva analyzing 100 data breach reports published in the last 12 months says personal employee and customer data accounted for almost half (45%) of all data stolen last year. Cybercriminals are focused on personally identifiable information, Imperva claims, because that data can be used in identity theft and similar stage-two attacks. These, says Imperva SVP, Terry Ray, can be “hugely profitable and very difficult to prevent”.

Social engineering and unsecured databases​

“Credit cards and passwords can be changed the second there is a breach, but when PII is stolen, it can be years before it is weaponized by hackers,” Ray added. While often filling headlines, source code and proprietary data theft aren’t that popular, accounting for just 6.7% and 5.6%, respectively. The good news is that businesses had gotten a lot better at protecting payment information and password details, as leaks of this type of data dropped by 64% year-on-year. Most of the time, data breaches are a result of social engineering (17%) attacks or attacks against unsecured databases (15%). Misconfigured applications accounted for roughly 2% of all data breaches, but businesses expect this format to play a bigger role in the future, mostly due to the rise in cloud-managed infrastructure, whose security configuration requires significant expertise.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.