Hackers have successfully compromised around 110 million Americans in the past 12 months alone, nearly half of all adults in the country, as companies struggle to keep up with growing cyber threats. It's hard to identify exact numbers, with larger companies not providing precise data of affected users following a large-scale data breach.
The compromised information typically includes various forms of personal information, including names, addresses, phone numbers, Social Security numbers, debit and credit card information, or bank account numbers. Companies such as Target and eBay suffered massive data breaches, while other companies are compromised to a smaller degree.
Collecting a lot of information about an individual is more valuable [for attackers]," said Larry Ponemon, Ponemon Institute head, in a statement to SCMagazine. "They'll take the data, and wait patiently. Then, two or three years after the breach, [the impacted] become the victim of identity theft."
If companies are unable to quickly identify when a data breach occurs, and what information was taken, then it makes sense that hackers are able to sit on stolen information. It's not uncommon for compromised data to be sold or traded on underground forums, where names, addresses, Social Security numbers, and bank account information can be found.