Subscribe
About

Hackers increasingly target social media users in data theft

Sibahle Malinga
By Sibahle Malinga, ITWeb senior news journalist.
Johannesburg, 27 Jul 2022

Social media platforms are quickly turning into a primary security weak point for businesses, with social media data breaches accounting for 41% of all leaked records across the globe in 2021.

This is according to a report compiled by private browsing solutions firm Atlas VPN. The data gives insight into the scope of social media-related data breaches globally.

The report is based on various sources, including the 2022 ForgeRock Consumer Identity Breach Report, the 2021 Identity Theft Resource Centre, IBM Ponemon Institute research and Forrester Research.

It notes that social media platforms remain the easiest way for hackers to gain access to firms’ data, with a single data breach incident within one of the major social media networks potentially resulting in millions of records being stolen from an organisation.

Atlas VPN says within the past few years, it has observed multiple large-scale data breaches involving companies like Facebook and Twitter.

By sector, social media accounted for the highest number of data breach incidents, followed by retail, which saw 24% of records leaked last year. The technology sector came third, with 4% of leaked records, and the healthcare sector was the fourth largest, with 1% of leaked records.

The category classified as “other sectors” accounted for 42% of breached records.

People who over-share their data on social media make it simple for criminals to locate personal information that aids in company breaches, notes the report.

Criminals can prey on business clients by posing as the company, in order to obtain credentials. This is becoming especially prevalent since companies increasingly use social networks to communicate with customers, it explains.

“Fraudsters also frequently attempt to infiltrate businesses by leveraging mutual connections, which creates a false sense of security.”

The fast growth and massive following by social media users provide increasing opportunity for hackers.

Data breaches by industry. Source: 2022 ForgeRock Consumer Identity Breach Report
Data breaches by industry. Source: 2022 ForgeRock Consumer Identity Breach Report

Meanwhile, a survey conducted by Censuswide on behalf of ProtonVPN found the personal information of 42% of respondents had been leaked, as a result of a social media-related data breach.

According to security firm Netacea, social media is increasingly becoming a point of vulnerability for many businesses across the globe, as hackers stop at nothing to steal user data, which is then used to create detailed profiles of potential victims to conduct targeted phishing attacks.

Atlas VPN also points out retail data breaches increased in frequency and severity during the course of 2021 – propelled by the huge uptake in e-commerce sales.

“While the average cost of a retail breach was $2.01 million in 2020, it increased by 63% to $3.27 million in 2021. When the enormous volumes of personal data that retail websites collect are not adequately protected, it creates the ideal environment for breaches and subsequent fraud,” says Edward G, cyber security researcher and publisher at Atlas VPN.

“Customer credit card, payment information and personal data were the principal targets of retail data breaches.”

E-commerce websites and applications sometimes skip security precautions, like two-factor authentication, as they seek a simple user experience, he adds.

While the global healthcare sector only accounts for 1% of leaked records, the information leaked is usually particularly sensitive.

“Data compromised from healthcare institutions tends to include name, address, SSN, date of birth, and, in two-thirds of the breaches, actual medical history information,” says Atlas VPN.

Share