Attacks/Breaches
1/25/2017
03:15 PM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

Data Breaches Exposed 4.2 Billion Records In 2016

The 4,149 data breaches reported in 2016 shattered the all-time high of nearly 1 billion exposed records in 2013.

Over the past year, 4,149 data breaches compromised more than 4.2 billion records, shattering the previous all-time high of about 1 billion exposed records in 2013.

This finding comes from the 2016 Data Breach QuickView report, released January 25 by Risk Based Security (RBS). Researchers discovered the number of data breaches was fairly consistent between 2015 and 2016, but their severity skyrocketed. 

In 2016, there were 94 reported incidents exposing at least one million records each, and 37 incidents exposing ten million or more records. Compared with 2015, this marks an increase of 63% and 105%, respectively.

It didn't take many breaches to compromise a record-breaking amount of customer information. The top ten breaches of 2016, which included nine hacks and one web breach, led to the exposure of a combined three billion records.

RBS discovered businesses accounted for 51% of reported breaches, surpassing unknown (23.4%), government (11.7%), medical (9.2%), and education (4.7%) industries. Most (80.9%) exposed records also came from the business sector.

The number of breaches by industry sector roughly corresponds with economic activity, explains Inga Goddijn, EVP of Risk Based Security. RBS has the largest central collection of publicly disclosed breaches, she continues, which provides a broad view into where incidents happen.

"What our data shows is that really, no industry is immune to data loss," Goddijn says. "Any organization that has sensitive data -- which is every organization with employees or confidential business information -- can be a target."

Findings from the RBS data breach study are supported by further research from the Online Trust Alliance (OTA), which today released its 2017 Cyber Incident & Breach Response Guide. "Cyber incident" encompasses events including corporate data loss, ransomware, unreported breaches, and incidents not involving covered information.

OTA concluded there were about 82,000 cyber incidents in 2016, affecting 225 organizations around the world each day. However, given that the majority of cyber incidents go unreported, it believes the actual number of annual events could exceed 250,000.

Businesses can learn from the consequences of high-profile attacks. Aside from financial loss, organizations are vulnerable to security threats and reputational damage. The OTA report cites research from the Internet Society, which discovered 59% of users would likely not do business with a company that had suffered a data breach.

While some incidents are unavoidable no matter how strong your security, many can be stopped with the right measures. OTA found more than 90% of cyber incidents could have been prevented.

The threat of data breaches will continue to grow so long as hackers' motivations remain the same, says Goddijn.

"As long as there is money to be made out of unauthorized access and data theft, malicious actors will continue to refine and improve their attack methods," she explains. "The wave of targeted phishing scams, seeking W2 details, that took place early in the first part of the year is a good example."

Phishing is not a new business threat, she says, but scammers successfully refined their approach by targeting HR personnel during the height of tax data preparation season. More than 100 companies and their employees were victims of this type of attack, which led to data being used in fake tax return schemes.

"Early indications look as if we might see a repeat of this in 2017," Goddijn notes. "We've already captured half a dozen such events this year and expect more to follow in the coming months."

While it's difficult to predict the future, Goddijn is "certain" data breaches will continue. It's no longer enough for busiensses to solely focus on prevention.

"Given where we are with the state of breach activity today, organizations need to also be thinking about response and recovery as integral components of security management," she says.

Related Content

Kelly Sheridan is Associate Editor at Dark Reading. She started her career in business tech journalism at Insurance & Technology and most recently reported for InformationWeek, where she covered Microsoft and business IT. Sheridan earned her BA at Villanova University. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Cybersecurity's 'Broken' Hiring Process
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/11/2017
Ransomware Grabs Headlines but BEC May Be a Bigger Threat
Marc Wilczek, Digital Strategist & CIO Advisor,  10/12/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Search Cybersecuruty and you will get unicorn.
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
The State of Ransomware
The State of Ransomware
Ransomware has become one of the most prevalent new cybersecurity threats faced by today's enterprises. This new report from Dark Reading includes feedback from IT and IT security professionals about their organization's ransomware experiences, defense plans, and malware challenges. Find out what they had to say!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.