Millions of personal data records exposed or stolen by cybercriminals in 2015: Symantec

A new report released by California-based cyber-security firm Symantec revealed that apart from nine 'mega breaches' of personal data in 2015, tens of millions of personal records had likely been exposed or stolen by cyber criminals during the year. However, the cyber crimes went unreported due to the entities choosing to keep silent, it added.

According to the report, the number of companies that refused to report the scope of a data breach shot up 85 per cent last year, in what one senior Symantec officer termed a ''disturbing trend.'' The report added that around 429 million personal records were exposed in 2015, many of them through mega-breaches like the Office of Personnel Management hack and one that reportedly hit a huge voter database, but the number was based on entities that shared the scope of the breach.

The annual threat report revealed that cybercriminals had become better at creating unknown software bugs to ensure their attacks worked properly, they became more professional with practices that resembled that of actual software companies.

Kevin Haley, director of Symantec security, said in a statement: ''They have extensive resources and highly skilled technical staff that operate with such efficiency that they maintain normal business hours and even take the weekends and holidays off.''

The report further pointed out that cybercriminals were no longer focused solely on big corporations rather they were increasingly turning their attention to smaller firms, which could provide a ''back door'' for stealing reams of data and cash.

Cyber-criminals directed nearly half of the global attacks in 2015 against small companies with fewer than 250 staff, as they sought to exploit their digital weaknesses to steal information, bring down websites and sending spam.

Improved cyber security at larger companies had made small firms a more attractive target, according to the report.

According to Sian John, a chief strategist at Symantec, while small companies might hold less information on customers and fewer financial records, they could provide a backdoor into the larger corporations they supplied.

She added that 43 per cent of all attacks were now targeted at small businesses.