Over Seven Billion Usernames Have Been Leaked in Breaches Since 2011…

An article review.

An unfortunate fact of modern life seems to be the inevitable announcement of new data breaches, and if you’ve lost track of how many breaches you’ve had to perform a risk assessment on you’re probably not alone…but just how much personal data has been stolen over the last decade?  An article submitted by our Data Security Analyst, Tanvee Dhir, has tried to put all these breaches into perspective.

Using data compiled from Have I Been Pwned, the authors of the article have created an interactive chart to help you visualize every major reported breach since 2011, along with a cumulative total of breached accounts. That total number of breached accounts?  Just under eight billion…or more than the entire population of Earth.

What can we take away from this?  The authors of the article say it should be the reality that any and all account credentials could be subject to a breach, stressing the importance of having defense-in-depth when it comes to network security.  Security professionals must operate on the belief that login credentials may be leaked, and implement measures to account for that.  Aside from instructing users to never re-use account passwords across sites, implementing two-factor authentication should be seen as a must-have, instead of an option.

Original article by Russell Brandom, Grayson Blackmon, and William Joel, writing for The Verge.