And that’s not all the bad news, either. A new report from Symantec shows just how dire the security situation has become on the web. In 2015, the amount of malware online rose 36% to over 430 million individual pieces of malicious code. Zero-day vulnerabilities, security flaws in software that are discovered by hackers before the companies have a chance to fix them, numbered 54, up 125% from the year before. 75% of all websites were found to have unpatched vulnerabilities, putting visitor data at risk. Ransomware, where a hacker encrypts a user’s files on their computer and doesn’t unlock them until a ransom is paid, increased 35%. Spear-phishing campaigns that targeted employees in hopes of gaining access to corporate systems increased 55%. And there were over 100 million fake technical support call scams.
But that biggest number—half a billion identities compromised online—is the most alarming. The average breach that exposed customer data was 1.3 million identities each time. However, 2015 saw nine “megabreaches” that exposed over 10 million identities at once. Some of the biggest megabreaches were the Ashley Madison hack (32 million identities) and the T-Mobile/Experian hack (15 million identities).