Globally, the use of APIs has been on a constant increase as they are a great tool for businesses. However, the growth of APIs has also resulted in a significant rise of API security breaches over the last few years. Notably, unprotected APIs (application program interfaces) have emerged as the leading factor behind the disastrous data breaches that have occurred at major telecom operators around the world, in the recent past.
In the SEC filing, T-Mobile also revealed that the intruders did not breach any computer system to access the sensitive information of its customers. Instead, the intruders targeted the application programming interface. According to the firm, the breached API belonged to an unknown, and therefore, unprotected shadow assets. Since 2018, this has been the eighth instance when T-Mobile, having more than 110 million customers in the United States, was hacked.
In another data breach, at a major telecom operator, the sensitive and personal information of about 9.8 million customers was exposed.
With API services enabling much of the key functionality for modern apps and websites around the world, the use of APIs is projected to only grow significantly over the next three to four years. These data breaches affecting millions of customers, at major telecom operators, are a wake-up call for most organizations across industry verticals to take API security more seriously. In the past, firms such as LinkedIn, Venmo, and HubSpot have also suffered massive data breaches due to unsecured APIs. With these data breaches not only affecting the firm’s reputation but also costing them millions of dollars, TechInsight360 expects the investment in the API security space to grow significantly from the short to medium-term perspective.
Furthermore, as the volume of APIs used by businesses continues to grow rapidly, the number of potential vulnerabilities will also increase substantially. This will, therefore, drive the demand for API security providers in the global market from the short to medium-term perspective. Consequently, over the next three to four years, TechInsight360 also expects the number of firms offering API security services to grow multi-fold across the world, owing to the rapid surge in API attacks.
TechInsight360’s reports combine detailed view on market opportunity, best practices, emerging business models, and market innovation to help clients identify unique opportunities.