According to Verizon’s 2022 Data Breach Investigations Report:
- Over 80% of hacking-related breaches involved stolen or weak passwords.
- Password-related issues are a significant factor in cybersecurity threats.
- 81% of hacking-related breaches were caused by the use of stolen passwords.
- Weak passwords were also a contributing factor to these breaches.
- The use of stolen or weak passwords makes it easier for hackers to gain unauthorized access to sensitive information.
Past Data Breaches Caused by Weak Passwords
The consequences of a data breach can be severe, resulting in not only financial losses but also damage to a company’s reputation and loss of customer trust. According to the 2022 Cost of a Data Breach Report by IBM Security and Ponemon Institute, a data breach in the US costs an average of $9.44 million, and globally it costs an average of $4.35 million. Below are some alarming incidents that occurred in recent years, all caused by weak passwords:
- Microsoft, March 2021: Suffered a cyberattack by Chinese hacking group Hafnium, targeting hundreds of thousands of on-premises servers using stolen passwords, and creating web shells around them to remotely steal email data.
- Verkada, March 2021: Security cameras of over 5,000 customers were breached by hackers using an admin password leaked online in a misconfigured customer support server, and 16 customers had credentials breached.
- New York City Law Department: Attacker accessed sensitive information of thousands of city employees, evidence of police misconduct, medical records for plaintiffs, and the identities of children charged with serious crimes using a single employee’s stolen email account password due to lack of multifactor authentication compliance.
- GoDaddy: Security breach compromised the accounts of over a million of its WordPress customers, with attackers using a compromised password to hack into the provisioning system in the company’s legacy code for Managed WordPress, and access was blocked after two months.
- Zoom, 2020: The video conferencing platform Zoom faced backlash after several reports of “Zoom-bombing” – uninvited attendees disrupting meetings – surfaced. The issue was caused by weak passwords and the lack of a password policy.
Hi, I’m Matt Anderson and I have been passionate about cybersecurity for many years. I’ve worked as that IT guy in many offices over the years, and I now work as a Software Development Consultant.
If you are interested in making your online presence, your home, your life and your family’s lives much more secure in the modern age, then my hope is that securityfuse.com has all of the answers you need.
I’ve set up this website as a hub of all things security, including which home cameras to purchase, how to use them, which software is safe, how to learn self defense, and how to make your online accounts secure from hackers. Join me in making your home life and online life worry free.
If you are interested in making your online presence, your home, your life and your family’s lives much more secure in the modern age, then my hope is that securityfuse.com has all of the answers you need.
I’ve set up this website as a hub of all things security, including which home cameras to purchase, how to use them, which software is safe, how to learn self defense, and how to make your online accounts secure from hackers. Join me in making your home life and online life worry free.
Latest posts by Matt Anderson (see all)
- Stay Protected: Shielding Your Android Phone from Omni RAT and Malicious Apps - August 7, 2023
- Complete Guide To Protecting Your Digital Privacy - May 16, 2023
- Complete Guide To Securing Your Home - April 11, 2023