Billions of Records Compromised in Recent Years, Study Finds


The latest research study by analysis firm Canalys revealed that in 2020 alone, more data records were compromised than in the last 15 years combined. The research described this as a mounting “data breach crisis.”

Canalys found that during 2020, 31 billion data records were compromised. This figure is up by 171% from 2019 and contributes to more than half the 55 billion data records compromised overall since 2005. Cases of ransomware (an attack that encrypts data and servers to block access to a computer system until a sum of money is paid) have been increasing, with the number of reported incidents rising by 60% compared to 2019. 

Canalys believes the unprecedented boom in cyber attacks is partly because of the COVID-19 pandemic. The pandemic forced organizations worldwide to digitize quickly without thinking about the new security concerns that accompany running a business online. While the hospitality sector turned to new platforms for home delivery, retailers switched to online selling, and manufacturers digitized supply chains to improve the production lines’ accuracy. Organizations across the globe shifted entire workforces to work from home (WFH) almost overnight—the number of employees working remotely skyrocketed from 31 million before the pandemic to a little under 500 million.

To stay afloat, organizations invested money in the cloud and digital technologies to shift processes online and adapt to new methods of working. Canalys noted that in this process, cybersecurity concerns were often put on hold. Regarding this, the Canalys report reads, “Organizations had to implement business continuity measures quickly in response to the COVID-19 pandemic or risk going out of business. These measures were often at the expense of cybersecurity and bypassed longstanding corporate policies, leaving many exposed to exploitation by highly organized and sophisticated threat actors, as well as other more opportunistic hackers.” The report adds, “For many, cybersecurity was an afterthought, as they had to focus primarily on staying in business.”

The report concludes by saying, “Prioritize cybersecurity and invest in broadening protection, detection and response measures or face disaster.” Canalys has also called on business executives to change their mindset from “if” a breach affects their company to “when” it does.