SAVANNAH, Ga. (WSAV) – Cyber crooks launched thousands of attacks that affected millions of people last year, according a new report from the Identity Theft Resource Center.

“There were more data breaches in 2021 than in any other year since we started tracking
data breaches back in 2005,” said James Lee with the Identity Theft Resource Center.

The number of data breaches (1,862) is up 68 percent from 2020. Ransomware attacks grew the most.

The report says cybercriminals have shifted from targeting the personal information of individuals to mass data misuse, i.e. targeting companies. It said: “consumers were often caught in the crossfire between professional cybergangs and organizations that hold consumer information in trust.”

Lee says the data breaches affected up to 290 million people.

“Each individual is generally impacted by more than one data breach,” he said. “We don’t have comprehensive numbers because some states don’t really require an organization to report how many people are involved.”

“That a problem for a variety of reasons,” Lee continued. “One is it doesn’t give individual consumers the information they need to protect themselves. A data breach doesn’t mean that your information has been misused, it means it’s been exposed and you’re at risk of it being misused.”

Lee says now, consumer information may be more of a means to the end and that crooks are attacking businesses through stolen credentials, specifically logins and passwords.

He says the problem is that some people continue to use the same passwords for many accounts, including personal and business email.

“That’s why that login and that password is so important ways and we need to protect them in ways we haven’t thought about in the past but we have to think about it in the future,” said Lee.

He says to use a different password on each account and make sure a password is at least 12 characters long. Lee says shorter passwords are far easier to hack than longer ones.

He says the second thing you can do is freeze your credit. Lee says the process which was once intimidating is much easier and that you can ‘freeze and unfreeze’ at will. He does say you must contact each of the three credit reporting agencies but that the ITRC has assistance to help you online.

Finally, he suggests using specially made apps for multi-factor authentication. Instead of a text message to your phone or email to your computer, he says to download the app on both the computer and phone. Lee says when you get a text saying from the bank allowing you to sign in to your account, the message goes through the app and not straight to a text. He says that is safer in case your phone especially is ever compromised.

“If your information is exposed, you make it less useful or make not useful at all,” said Lee.