March 22, 2019

2019 4iQ Identity Breach Report

We published the 2019 4iQ Identity Breach Report “The Changing Landscape of Identities in the Wild: The Long Tail of Small Breaches.” The report was built using an extensive collection of breached and leaked data found from open sources in the surface, deep, and dark web using 4iQ’s proprietary systems, breach-hunting team, and data curation and verification methodology.

In 2018, we observed a significant shift from attacks on not just large companies, but also on a greater number of small businesses – the long tail – as hackers targeted unsophisticated and unsecured small businesses and supply chain vendors. There was also an increase in large volumes of repackaged and shared stolen passwords, as well as the continuation of 2017’s trend of openly leaking devices. 2018 saw a short increase of open or publicly exposed personal identifiable information (PII) – including voter records and government databases – being packaged for malicious or criminal activity.

4iQ Identity Breach Report 2019 Highlights:

  • 14B Identity Records circulating in 2018 (71% increase from 2017)
  • 12,499 Real, New Identity Breaches (424% from 2017)
  • Voter, Citizen, Govt. Data targeted in Cyber Cold War (291% increase from 2017)
  • Massive Combo Lists snowballing (1.8B Clear Text Passwords in one package)
  • 9.4B Raw Identity Records from Accidental Exposures (88% increase from 2017)

By analyzing our findings, 4iQ aims to help companies and individuals recognize and understand the magnitude of exposed credentials and personal identifiable information. We encourage you to review the report and engage with us in a conversation. After all, cybersecurity is a community responsibility.

You can download the report from here