Online computer hackers have infiltrated and exposed the personal information of 110 million Americans – nearly half of the US adult population – over the last year alone, according to an alarming new report.
The study – formulated by researchers at the Ponemon Institute, which measures data collection and information security in the public and private sectors – also determined that the number of hacked accounts belonging to those individuals numbered at or near 432 million.
Many of the people victimized may have inadvertently made available to hackers their names, debit or credit card information, email addresses, phone numbers, birth dates, passwords, security questions, and possibly their physical home addresses, according to CNN Money, which commissioned the study.
The news that so many people have been hacked comes on the heels of a series of vast security flubs at popular companies like Target and eBay. Target was the victim of a malware attack that compromised no less than 40 million credit card numbers (along with 70 million addresses, phone numbers, and other identifying materials) through the height of the holiday shopping season.
Snapchat admitted that five million user accounts were hacked, and 33 million Adobe users’ credentials were also taken (along with more than three million stolen debit and credit card details).
“Most companies don’t fully understand or address their security risks,” the 2014 US State of Cybercrime Survey explained. A mere 38 percent of the companies polled are capable of prioritizing security spending based on the risk it presents to businesses and customers. The survey added that “most US organizations’ cybersecurity capabilities do not rival the persistence and technological skills of their cyber adversaries.”
The situation is complicated even further because the very companies that so many Americans unconsciously rely on refuse to disclose how many customers were actually hacked. AOL, while admitting that a hack had taken place, has said only that a “significant number” of its 120 million accounts were taken over. Online giant eBay was similarly cagey when it was revealed that hackers had taken data from all 145 million of the site’s users.
So many internet users have found themselves hacked in part because the attackers have specialized their methods of attack, whether it be deploying malware against Target or covertly installing a flaw onto Internet Explorer that allows them to monitor an entire computer.
“It’s becoming more acute,” Larry Ponemon, head of the research institute, told CNN Money. “If you’re not a data breach victim, you’re not paying attention.”
The report attributed the vast data loss on a number of issues, perhaps the most notable of which being a widespread hesitation in the corporate world to be proactive. Executives, managers, and even tech specialists often dismiss the immediacy of a threat before it falls on their company.
Blame can also be pitted on individuals, however, with many people failing to be diligent enough in changing their passwords, or using security questions that are easy for others to guess. Such failings make it possible for friends and loved ones to hack the people they are close to, according to Paul Norse of Security Center USA.
“These are generally done internally,” he told First Coast News. “So from our aspect as a consumer the only real thing that we can do is monitor our accounts closely and alert the proper authority. On the other side it’s really the business’s end to protect our information, and a firm part that we need to do as Americans is holding these people accountable.”