Bzz—a notification popped up on my phone. It was an Instagram DM that seemed to be from someone I know, since they had the same name and profile picture. They asked me for my phone number because they needed it to “recover their account.” As foolish as it sounds, I give it to them. It turns out, in that moment, I was hacked.
Thankfully, this was not a significant privacy breach, as after thoroughly implementing two-factor authentication on all my accounts, I experienced no instances of spam calls, malicious mail, or any other attacks—at least those that I am aware of. I probably got off easy, but for millions around the world, this could completely ruin their lives.
In 2024 alone, it was estimated that there were around 16.8 billion exposed records and 6,670 large-scale data breaches. This means there were more than twice as many data breaches as there are humans on Earth.
Unfortunately, things do not get any better in 2025. A breach of the Salesforce Cloud System, directly linked to Gmail passwords and security, prompted Google to warn 2.5 billion users about potentially exposed credentials and to never share passwords with anyone. Clearly, the problem of data privacy and cybersecurity is an ever-growing issue, and with the advent of AI and powerful analytic tools, automation and creation of stealthy malware, spyware, and ransomware have never been easier.
A third of all reported cyberattacks involve ransomware, and as the systems that manage and operate them become more precise, effective, and organized, double and even triple-extortion ransomware is becoming increasingly common. 65 percent of companies reportedly experienced ransomware attacks in 2024, a notable increase from just four years ago, when the figure was 46 percent.
However, not all is doom and gloom. The advent of AI and intelligent algorithms as powerful analytical tools has greatly enhanced cybersecurity teams’ ability to detect suspicious logins and users, as well as to analyze and reverse-engineer malware to restore the system to operational capacity. The average cost of a data breach globally fell to $4.44 million, and the global average breach lifecycle to 241 days, 17 days shorter than last year.
This highlights the dual nature of modern technology in cyberspace and that it is no longer optional for us to be unaware of the adverse security breaches and phishing methods. It is a critical step not only to protect personal data but also the data of other individuals linked to users through social media accounts, contacts, and the internet. Roughly 63 percent of all victims fall prey due to a lack of information needed to discern the validity of potential scammers and phishers. It is no longer just the responsibility of governments or companies to protect our data; we must take measures ourselves, even at the expense of personal convenience.
One of the best ways to reduce our risk of a personal data breach is not to reuse the same passwords across all accounts. 65 percent of all Google users, for instance, reuse their passwords to some degree, a major security weak point easily exploited by hackers and cybercriminals. 81 percent of hacking-related breaches leverage stolen or weak passwords. With tools such as Google’s password manager, it is a worthwhile investment to use different passwords for different online accounts.
Just because some don’t care about passwords or digital information doesn’t mean you shouldn’t either. So the question is: what steps will you take to protect your information from being stolen?
