According to the latest report released by IBM security on Wednesday, the average loss caused by a data leak reached $4.4 million, an increase of 2.6% year-on-year, an increase of 13% compared with 2020, setting a new historical record. IBM said that more than half of the organizations participating in the survey admitted to transferring these additional costs to consumers by raising the price of products and services.
This annual report analyzes the data leakage events of 550 enterprises around the world from March 2021 to March 2022. The study was funded and analyzed in detail by IBM and implemented by the Ponemon Institute. Losses caused by data leakage include ransom paid, expenses for investigating and repairing vulnerabilities, etc. Other losses include regulatory fines and the estimated impact on future product sales that may last for several years. On average, the surveyed institutions said that the loss caused by the data leak one year after the incident could be controlled below 50%.
A good example is that T-Mobile said on Friday that it was willing to pay a settlement of $500million to solve the class action lawsuit filed by customers for the data leakage incident. Nearly a year ago, the lawsuit revealed the personal information of an estimated 76.6 million people. After the judicial approval of the settlement before the end of this year, T-Mobile will use $350million to solve the claims of consumers in class actions, and $150million to upgrade data protection.
The data leak occurred in August, resulting in the disclosure of user name, social security code, mobile phone number, home address, date of birth and other information. IBM’s investigation report also analyzed many data leakage events with high losses, targeting key infrastructure attacks including financial services, industry, technology, energy, transportation, communications, health care, education and public sector industries.
The average loss caused by these data leaks is more than $4.8 million, which is $1million higher than the organizational loss of non critical infrastructure.
In particular, the medical industry suffered the most serious losses, with an average loss of $10.1 million per data leak, compared with $9.2 million in 2021. In recent years, both hacker organizations with national backgrounds and emerging cyber criminal gangs have focused on key infrastructure. Last year, extortion software attacks against colonial pipeline and JBS USA, a meat processing plant, paralyzed the company’s network, forcing it to pay millions of dollars in ransom to hackers because the data was encrypted.
Enterprises, companies, and other institutions must protect the public’s data information, and the public must also monitor and exert pressure on them. Enterprises must ensure cloud data security and implement measures such as information protection and data security.
In fact, most cases of enterprise information and data leakage show that the loss is caused by the company’s office staff rather than an attack on the enterprise’s own database.
After all, most large corporations have their own network security protection department, which is not easy to establish. On the contrary, it is simple to begin with employees’ and leaders’ unprepared notebook computers. After all, not everyone can claim to be an IT expert. The public network they use for business trips or outside offices, or the device port connected to the laptop, may result in the leakage or theft of enterprise information and data. Not to mention the possibility of the laptop being misplaced. With Vinchin Backup & Recovery, you can also easily build an offsite disaster recovery (DR) center by duplicating XenServer backups at the primary site to a remote site or external storage.