While investor focus this week looks to be squarely on COVID-19 and its potential economic impact, the very real costs of cybersecurity threats, which are features in our Safety & Security investment theme, continue to grow at an impressive pace, rising nearly 30% in 2019 from 2018 and nearly 340% over the past 5 years.
You will find more infographics at Statista
“The FBI’s Internet Crime Complaint Center (IC3) has released its 2019 Internet Crime Reportwhich found that 2019 was a record year for both victims of internet crime and dollar losses in the United States. 467,361 complaints were logged by IC3 in the last calendar year – 1,300 per day on average. The most frequent internet crimes recorded in 2019 were phishing, non-payment/non-delivery scams and extortion. Individuals and businesses lost $3.5 billion in total, an increase on the $2.7 billion lost in 2018.”
Donna Gregory, the chief of IC3, said that while the FBI did not see an increase in new types of fraud in 2019, “criminals are getting so sophisticated” and that “it is getting harder and harder for victims to spot the red flags and tell real from fake.” The companies in the Foxberry Tematica Research Cybersecurity & Data Privacy Index look to provide solutions for and benefit from this growing problem.
You will find more infographics at Statista
Source: • Chart: Americans Are Losing Billions Due To Internet Crime | Statista
We’ve got another cyber attack being reported, this time for Marriott International and its Starwood business to the tune of up to 500 million guests. This puts it around the third worst attack in recent history. What will make this latest compromise even more noteworthy is it’s being one of the larger attacks since the European Union’s General Data Protection Regulation privacy law took effect in May. That’s a new development that Marriott and others will need to contend with, which could result not only in fines but also drive a pronounced pick up in cybersecurity spending. In thematic speak, that’s a potential tailwind for our Safety & Security investing theme.
Marriott International Inc. on Friday disclosed one of the biggest data breaches in history, a hack in the reservation database for its Starwood properties that may have exposed the personal information of up to 500 million guests.
News of the attack—rivaled only by the theft of information in 2013 and 2014 from internet company Yahoo—roiled customers of the world’s largest hotel company and lowered its stock price.
In addition to the size of the Marriott exposure, security analysts say the range of customer data potentially compromised—such as passport numbers, travel details and payment-card data—make the breach even more sensitive. Numerous regulators in the U.S. and abroad said they are monitoring the situation.
Marriott will face scrutiny from regulators, particularly in Europe where the European Union’s General Data Protection Regulation privacy law took effect in May, said Travis LeBlanc, a partner with Boies Schiller Flexner LLP. Although the Starwood breach predates GDPR, Mr. LeBlanc said because the unauthorized activity continued after the law went into effect, the incident would likely be subject to it.
Britain’s Information Commissioner’s Office, which can fine companies for failing to protect customers’ personal data, also is investigating. This year, the office fined major companies including Facebook Inc. and Uber Technologies Inc. for mishandling data.
The Marriott hack joins a list of breaches to hit the hospitality industry in recent years. Security analysts say the industry is a ripe target for criminal actors because of the wealth of financial and other information flowing through payment and reservation systems. It also is a highly fragmented business, in which large companies such as Marriott and Hilton Worldwide Holdings Inc. largely license their brands to property owners who manage the hotels.
Source: Marriott Says Starwood Data Breach Affects Up to 500 Million People – WSJ
While the myspace data breach may data back a few years, it’s size (roughly 427 million passwords!) serves as a reminder that not every breach/attack is immediately detected let alone thwarted. This serves as a harsh reminder on the ever evolving need for cyber security that fuels our Safety & Security investing theme.
Time, Inc. didn’t confirm how many user accounts were included in this data set, but a report from LeakedSource.com says that there are over 360 million accounts involved. Each record contains an email address, a password, and in some cases, a second password. As some accounts have multiple passwords, that means there are over 427 million total passwords available for sale.Despite the fact that this data breach dates back several years, the size of the data set in question makes it notable. Security researchers at Sophos say that this could be the largest data breach of all time, easily topping the whopping 117 million LinkedIn emails and passwords that recently surfaced online from a 2012 hack.
Source: Recently confirmed Myspace hack could be the largest yet | TechCrunch