Security vendor Trustwave has conducted an investigation into the data breaches - and the results have thrown up some interesting stats.
The company's 2012 Global Security Report looked at more than 300 data breach investigations and 2,000 penetration tests performed by its SpiderLabs division, a group focused on forensics, ethical hacking and application security testing.
In terms of where the cybercriminals are focusing their efforts, for the second year running the food and beverage industry was the top target, making up 44% of investigations examined by Trustwave.
Franchise and chain stores were more attractive to cybercriminals than independent stores, primarily because they will use the same IT systems throughout the chain. Trustwave points out that if a hacker can breach one store, the rest in the chain are likely to be hit as well. Franchise and chain stores made up one-third of the 2011 investigations, the report said.
And what are the cybercriminals after? Customer details, of course. The vast majority (89%) of investigations were on breaches that targeted customer records, such as credit cards and personal details.
The report also revealed that despite the headlines and big news stories about data breaches, companies are still leaving themselves wide open to attacks. Analysis of two million business passwords revealed that the most common is... "Password1". Not only does it satisfy he default Microsoft Active Directory complexity setting but it is also easy to remember.
This echoes results from SplashData, who revealed the 25 worst passwords in late 2011. "Password" was top in that research, followed by "123456".
Companies also failed dismally at detecting when they had been breached, with just 16% of victims being able to detect the breach themselves. The rest relied on a combination of the public and regulators to alert them.
Overall, Trustwave conducted 42% more investigations in 2011 compared to 2010.
"Any organisation can be a target, but as detailed in our report findings, those most susceptible are businesses that maintain customer records or that consumers frequent most, including restaurants, retail stores and hotels," said Nicholas J. Percoco, senior vice president and head of Trustwave SpiderLabsPercoco.
"We advise organisations review our strategic recommendations for 2012 and take steps toward employing better security across their organisations," he added.
So what does Trustwave recommend organisations do to keep secure during 2012? The report concludes with the following six steps:
Qualys is the leading provider of on demand IT security risk and compliance solutions - delivered as a service. Qualys solutions enable...
Teneo is an infrastructure optimization company, providing solutions that help customers with the management, performance and virtualization of...
Webroot provides industry leading security solutions for consumers, enterprises and small and medium businesses worldwide.
Capscan is a leading supplier of international address management solutions and data integrity services. Capscan has more than 1800 customers...