Data Dumps Fuel Stolen Credentials Spike

Two massive dumps of stolen records dramatically inflated the number of leaked credentials online in the first quarter of 2019, according to a report from cyber-intelligence company IntSights.

The company saw a 129% increase in stolen credential leaks in Q1 2019 compared to the same period last year, according to its Banking and Financial Services Threat Landscape Report.

These numbers stem from the mass dumping of records onto the dark web in a series of leaks at the start of the year, according to the company's VP of strategy Nick Hayes.

In January, cybersecurity researcher Troy Hunt discovered an 87Gb data dump he called Collection #1. It was a set of 773 unique email addresses. The records appeared on the MEGA cloud file sharing service.

The next month, researchers saw a second leak, dubbed Collections #2-5, with files at least nine times the size of the first. IntSights says that together, Collections #1-5 contained roughly 2.2 billion records of login credentials and personal information. However, it is worth pointing out that many of these credentials had already turned up in previous hacks and were not new.

Hayes also pointed to increasingly automated credential-gathering attacks that use phishing kits. “All of that combined is our understanding for why this is becoming an even bigger issue and why we've seen a drastic surge in the numbers,” he said.

IntSights also saw a 212% year-on-year increase in instances of compromised credit cards.

The credentials stolen and dumped online were not sector-specific. However, the financial services industry faced a barrage of malware attacks, according to the report. Working from a random sample of its financial services customers, IntSights found that banks and other financial services organizations drew 25.7% of all targeted malware attacks last year, putting the sector at the top of the hit list.

The company pointed the finger at financial services organizations in developing countries, particularly in Latin America, Africa, and South Asia (especially India and Pakistan). They were attacked more often, said the report, citing a lack of external-facing security measures as the cause.
