India is the second-most affected country when it comes to data broker breaches, and more than 1.8 crore (18.7 million) personal records of Indian citizens were compromised through 10 data breaches in the past 20 years, a report has revealed.
A data broker is a business that aggregates information from a variety of sources, processes it to enrich, cleanse or analyse it and licenses it to other organisations.
According to Incogni, a leading data removal service by VPN service provider Surfshark, India is among the top five countries most affected by the most significant data broker breaches, led by the US which has seen a massive 207.6 million personal records of their citizens being compromised in the same period.
The other most affected countries are the UK, Brazil and Canada.
“Data privacy is becoming increasingly alarming, yet many people are still unaware of the hidden market in which data brokers operate. Upon reviewing the findings, we have seen that data brokers can also experience a data breach, just like any other company. However, they are the ones dealing with massive amounts of sensitive data,” said Darius Belejevas, Head of Incogni.
Incogni’s researchers analysed 506 registered, US-based data brokers and found that in the past 20 years, 23 (4.5 per cent) of these companies have suffered data breaches, and at least 10 data broker breaches to date resulted in at least 1 million user records being leaked, exposing a total of 444.5 million records.
The People Data Labs breach was the most significant in each of these five countries.
This breach exposed a little over a third (35.2 per cent) of breached US records, around two-fifths (42.1 per cent) of the Brazilian records, more than half of the Canadian (54.3 per cent) and UK (56.7 per cent) records, and over two thirds (68.5 per cent) of the Indian records.
The analysis of data broker breaches showed that since 2011, things started to go downhill, with a data breach happening almost every year — 2014 and 2022 being the only two exceptions.
The year 2017 experienced a massive spike, with six companies being breached.
With the pandemic spreading, 2020 was a challenging year that witnessed a significant surge in cybercrime.
The number of cybercrime victims increased dramatically by 69 per cent, highlighting the severity of the situation. As a result, it is perhaps not surprising that a total of nine data breaches occurred during this time, the report showed.
There was a decrease in the number of data breaches in 2021, with only three breaches reported.
“While no reports of data breaches were received in 2022, it’s important to note that data breaches are not always immediately discovered. That’s why the accuracy of this information is yet to be confirmed,” the findings showed.
There have been a total of 40 events of data brokers suffering data breaches, starting with the Acxiom breach in 2002.