Unfortunately, data breaches are very common incidents today, with email addresses being one of the most exposed data in these cases. In this regard, information security experts, in collaboration with the firm Who Is Hosting This, conducted a study to find the most secure email services, as well as those most exposed to hackers.
One of the most interesting findings of this
research has to do with the volume of email addresses exposed among the main
providers of these services. For example, it was discovered that 99.8% of
AOL.com email addresses have been exposed in some data
breach, making it the most insecure email service.
Under this approach, the most secure service is Gmail, which has suffered exposure of only 74% of its total email accounts, as information security experts mentioned. Other platforms with high exposure rate are MSN (95.1%), Hotmail (87.1%) and Yahoo (86.6%).
Of course this is a reflection of security in
each company, although another possible explanation is that AOL has been
operating for almost two decades longer than Gmail, a determining factor in the
difference between the two platforms.
The study also mentions that 79.5% of
.com-terminated email addresses (of all companies) have appeared in some data
breach; on average, each compromised address is detected in 30 different data
breaches. The following in the list are the email addresses .uk (63% of exposed
accounts) and .ca (59%).
Information security experts also found that
shorter email addresses tend to appear in data breaches more frequently than
longer addresses, and the trend seems more defined if it’s male users. Finally,
email addresses with job titles are less likely to suffer these incidents than
the other addresses.
As a recommendation, specialists from the
International Institute of Cyber Security (IICS) recommend not using a short
name in the address, as well as never including simple sequences of numbers
(such as 123, 890, among others). Using backup addresses and multi-factor
authentication are also good security measures in the event of a data breach.