Identity Breach Report Finds New COVID-19 Cyber Vulnerabilities, Increase in Exposures for Energy & Telecom Sectors/Executives, and COVID Items for Sale on Dark Market According to Constella Intelligence
Report examines new trends in the deep and dark web, how threat actors are exploiting the global COVID-19 crisis, and risks to individuals, executives, and brands
30 Jul, 2021, 10:00 ET
LOS ALTOS, Calif., July 30, 2021 /PRNewswire/ -- Today, Constella Intelligence ("Constella"), a leader in Digital Risk Protection and Identity Threat Intelligence, released their 2021 Identity Breach Report, PII Fuelling the Threat Economy: How Crisis Creates Targeted Vulnerabilities for Individuals, Executives, and Brands. The report evaluates data collected from Constella's extensive database of over 45 billion archived identity records from data breaches and leakages found on the surface, deep, and dark web in addition to trends identified in deep and dark marketplaces over the past year.
The report found that the COVID-19 pandemic engendered new vulnerabilities in the digital ecosystem for threat actors to exploit, resulting in items like vaccines, fraudulent vaccine certificates, and other COVID-19 related items being sold in dark marketplaces and underground forums. Constella's research analyzed the value of personally identifiable information (PII), drawing links between the breach economy, PII, and a range of emerging digital threats to executives and brands. Notably, Constella, observed an exorbitant spike in the price of sensitive personal records sold in the deep and dark web, with the price of driver's licenses, passports, and ID cards increasing significantly from the previous year analyzed – plausibly due to an increased demand for personal records during the pandemic. Constella's 2021 Identity Breach Report also includes a deep dive into the top companies in the Energy and Telecommunications sectors that appeared in the Fortune Global 500 list, demonstrating increasing exposure and vulnerability of companies in the sector, employees, and executives over the past year.
"The COVID-19 pandemic has shown us the fragility of our online infrastructure," said Constella Intelligence CEO, Kailash Ambwani. "As people continue to rely on digital solutions and working from home, both companies and individuals must take new precautions to protect themselves from potential threat actors."
Key Findings From 2020 Include:
- Nearly 60% of the data breaches analyzed exposed some form of PII and 72% of these breaches included passwords.
- Over 40% of executives from a sample of Fortune 500 companies in Energy and Telecommunications sectors were exposed in a breach over the last 5 years.
- Fortune 500 companies in Energy and Telecommunications have had their corporate domains exposed in approximately 11k breaches/leakages since 2016, and over 40% of these exposures occurred since 2020, indicating worsening security of corporate credentials.
- Out of a sample of 55 Fortune 500 Energy executives, nearly 1/4 have had their passwords exposed.
- Constella observed the sale of vaccine doses—such as AstraZeneca, Pfizer, Moderna, and Sputnik—in multiple dark marketplaces ranging from as little as $8 to as much as nearly $850.
- Crypto-Currency, News, and Healthcare industries saw 120%, 110%, and 51% increases (respectively) in breaches and leakages compared to 2019.
- Compared to the findings in Constella's 2020 Identity Breach Report, the price of personal records transacted in dark marketplaces increased significantly, including passports (+1,185%), and driver's licenses (+328%), ID cards (+642%), possibly due to increased demand for false identification records during the pandemic.
"Threat actors continue to find new ways to target individual and company data due to new vulnerabilities created in times of uncertainty and crisis. PII continues to fuel malign activities in the digital ecosystem," said Alex Romero, COO of Constella Intelligence. "Executives are specifically being targeted for their high-level access within organizations."
Constella monitors the surface, social, deep, and dark web for identity related breaches and verifies the authenticity of those data sets. Click here to download the report.
About Constella Intelligence
Constella Intelligence is a global leader in Digital Risk Protection that works in partnership with some of the world´s largest organizations to safeguard what matters most and defeat digital risk. Our solutions are a unique combination of proprietary data, technology, and human expertise to anticipate, identify, and remediate targeted threats to your executives, your brand, and your assets at scale—powered by the most extensive breach and social data collection from the surface, deep and dark web on the planet, with over 100B attributes and 45 billion curated identity records spanning 125 countries and 53 languages.
SOURCE Constella Intelligence
Share this article