Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.

552M Stolen IDs in 2013: The Threat of the Mega Breach

By - Source: Toms IT Pro

Symantec has released a report that shows internet security threats increasing on several fronts. In addition to a shift in the methodology of hackers, it seems that both the number and scale of cyber attacks are on the rise.

Symantec's Internet Security Threat Report 2014, Volume 19 reports a 62 percent increase in the number of cyber attacks in 2013 from 2012, with 253 breaches total. That is certainly a large increase, but far from the most unsettling statistic stated in the report. In 2013 there were eight security breaches that exposed over 10 million identities; in 2012 only one attack exposed that many identities and in 2011 there were five breaches of that scale. In total, 2013 saw over 552 million identities stolen.

[Check out: Enterprise Antivirus Solutions]

Is there an emerging trend here? Symantec seems to think so. "One mega breach can be worth 50 smaller attacks," says Kevin Haley, director of Symantec Security Response. "While the level of sophistication continues to grow among attackers, what was surprising last year was their willingness to be a lot more patient -- waiting to strike until the reward is bigger and better."

This could mean a shift in methodology for cyber criminals. As an analogy, instead of holding up convenience stores across a city, hackers can wait and pull off one big bank heist. "Nothing breeds success like success -- especially if you're a cybercriminal," says Haley. "The potential for huge paydays means large-scale attacks are here to stay."

Symantec's report showed a 91 percent increase in the number of targeted cyber attacks in 2013, these attacks also lasted three times longer. The two most sought after targets? Personal assistants and PR professionals. Symantec believes this is because they can be used "as a stepping stone toward higher-profile targets like celebrities or business executives."

Symantec provides three tips for greater information security in business:

  • Know how your data moves within your network. Focus your security infrastructure on the data itself and don't just worry about data center and device security.
  • Educate employees on proper information security procedures.
  • Employ multiple security practices, such as data loss prevention, network security, endpoint security, encryption and defensive measures.

"Security incidents, managed well, can actually enhance customer perceptions of a company; managed poorly, they can be devastating," writes Ed Ferrara, VP and principal analyst at Forrester Research. "If customers lose trust in a company because of the way the business handles personal data and privacy, they will easily take their business elsewhere."

 For Symantec's complete 2014 Internet Security Threat Report, visit

Image Credit 1, 2