REPORT: 2023 On Track for Record Year Of API Breaches
API security provider FireTail Inc. today published The State of APIs and API Security in 2023, an analysis of significant API breaches and incidents over the last decade. The report underscores how API breaches increasingly impact the digital security of individuals and organizations on a massive scale.
Key findings:
- The top two highest-impact breach vectors for API breaches are authorization (135 million records, 28% of all records breached) and authentication (105 million records, 22% of all records breached).
- 2023 is on track to be a record year of API breaches, with disclosures in the first two months of the year alone having a potential impact of 49 million records.
- Over 500 million records have been exposed or are at-risk from APIs.
- Most API breaches involve two or more problems/missteps by an organization, meaning it’s usually not just a configuration issue that causes a breach.
71% say the ability to integrate with other systems is driving their POS purchase decisions, according to HT’s 2023 POS Software Trends Report. As the world becomes increasingly interconnected, the demand for secure and reliable APIs has never been greater. Hospitality companies are looking to gain efficiencies through integration.
Over 83% of internet traffic today is API calls, and that percentage is expected to increase over the coming years For example a cloud-based food delivery app could involve up to 25 API calls. Between the order being placed, transmission to the restaurant, the coordination of delivery and processing of payments, this multi-party transaction includes at least four third-party providers and a high volume of sensitive data shared between them. As seen in FireTail’s research, the proliferation of APIs offers malicious actors a variety of attack vectors.
To help organizations address these growing threats and secure their APIs, FireTail offers a unique hybrid approach to API security. The open-source library gives any developer, free and unfettered access to the FireTail code library for enforcing API security at runtime.