Databases still vulnerable to SQL injection attacks because applications that use databases still do not filter input variables of malicious code. Data security has evolved, but only to meet some of the threats from five years ago. The attackers are motivated professionals who have evolved their abilities to derive money from the stolen data. Most IT organizations have better security that they did 10 years ago, but they are very likely to remain vulnerable to attack. Spear-phishing of individuals has been on the rise, as have the targeted attacks on specific companies.”]
Source: https://www.darkreading.com/database-security/data-breaches-on-the-rise-