MOUNTAIN VIEW, Calif. (4/21/15)--A recent report from the Internet security firm Symantec revealed just how devastating an attack on a retailer can be for consumers.

The 2015 Internet Security Threat Report found that retailers were responsible for exposing roughly 59% of all personal data compromised last year, despite only representing 11% of all breaches recorded (Pymnts.com April 20). 

Given the sheer quantity of personal data in the possession of retailers nationwide, it's no surprise CUNA continues to urge lawmakers at the national level to pass legislation that would require merchants to protect data as strongly as financial institutions do.

It's also not just the mega-retailers that are vulnerable, the report found, as roughly 60% of the targeted organizations last year were either small- or medium-sized. This may be especially concerning, as smaller organizations often have more difficulty defending themselves (Pymnts.com).

Additional findings from the report:

• The percentage of breaches in which financial information was compromised doubled to 36% from 18% during the year;
   
• Symantec counted 23% more breaches in 2014;
   
• Spear-phishing--an email spoofing fraud method that targets an organization by seeking unauthoriezed access to confidential data--climbed 8%, while the cybercriminals behind such attacks became more efficient. Criminals sent 14% fewer emails to 20% fewer targets, while their success improved;
   
• Malware continued to flourish, with more than 317 million new pieces of malware created last year, or nearly 1 million per day; and
   
• Digital extortion, or ransomware attacks jumped 113% in 2014, including a 4,000% increase in crypto-ransomware attacks where cybercriminals freeze a victim's files or systems until they receive a payment, or a ransom.