Analytics // Threat Intelligence
5/1/2014
08:50 AM
Tim Wilson
Tim Wilson
Quick Hits
50%
50%

Report: Nearly 200 Million Records Compromised In Q1

More than 250 breaches were disclosed in Q1 2014, SafeNet report says.

More than 250 data breaches occurred in the first quarter of 2014, resulting in the compromise of nearly 200 million records, according to a report published this week.

According to SafeNet's "Breach Level Index," the pace of compromised data in Q1 amounted to approximately 93,000 records per hour, a 233 percent increase over the same quarter in 2013.

Interestingly, despite much discussion of retail security following breaches at Target and other retailers in Q4 2013, the retail industry accounted for just 1 percent of the records lost in Q1, and just 10 percent of the breaches. The financial industry was hit hardest during Q4, accounting for 58 percent of records lost. The technology industry accounted for 20 percent of lost records. The healthcare industry was hit hard in terms of breach events, accounting for 24 percent of all breaches, but only 9 percent of data records lost.

South Korea took the top spot of all countries with four of the top five breaches worldwide and a loss of 158 million records across a variety of industries. This represents 79 percent of the total number of reported breached records worldwide. These four breaches included the Korea Credit Bureau, Korean Medical Association, Korea Telecom, and Naver, a major Korean search portal. While the number of South Korean breached records was extremely high, the number of breach incidents in Asia/Pacific as a whole accounted for only 7 percent of the total number of global breaches, dwarfed by the 78 percent (199 incidents) that occurred in North America and 13 percent in Europe.

Malicious outsiders accounted for 156 (62 percent) of total incidents during the first quarter, compromising more than 86 million records stolen. Malicious insiders accounted for just 11 percent of total incidents, but they were much more effective, accounting for 52 percent of records stolen. Accidental loss represented 25 percent of total incidents, while hacktivist and state-sponsored attacks added up to just 2 percent of the total.

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
BobH088
50%
50%
BobH088,
User Rank: Apprentice
5/2/2014 | 10:53:44 AM
solution
One of the most common causes of data getting in the wrong hands is the loss of mobile devices that often contain a frightening amount of private information. I want to share a protection option that worked for me. Tracer tags (mystufflostandfound.com) let someone who finds your lost stuff contact you directly without exposing your private information.  I use them on almost everything I take when I travel like my phone, passport and luggage after one of the tags was responsible for getting my lost laptop returned to me in Rome one time.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
5/1/2014 | 5:06:08 PM
Re: Confusing description of the amount of records breached
Yes, you would think these numbers would spur some action..We'll see.
Duane T
100%
0%
Duane T,
User Rank: Apprentice
5/1/2014 | 12:13:44 PM
Confusing description of the amount of records breached
"the pace of compromised data in Q1 amounted to approximately 93,000 records per hour"

Does that mean the average was 93,000 records per hour, or that we're on pace to reach that level? I was left looking for additional follow up, as I usually see a continued "size of problem" explanation that might be even scarier "if this rate of increase continues, we'll reach 1B records" or some other scary figure.

Why does this matter? Sometimes such a summary puts the figure into a perspective that can spur action.  The previous commentor knows exactly where this goes, since 1B records would mean that every US cititzen would have their records stolen 3 times. That may or may not happen, however, this is a very possible outcome of the tread from this article. I don't know what it will take but these numbers should spur deeper and more serious thinking about security for retailers and other firms.
Robert McDougal
50%
50%
Robert McDougal,
User Rank: Ninja
5/1/2014 | 10:28:41 AM
Tip of the iceberg
What is amazing to me is this is just the numbers that were reported.  Many times when a breach occurs the organization covers up the incident rather than reporting it.  Other times, a breach occurs and no one notices.

To put this number into perspective, lets imagine that each of the 200 million records was a unique record for someone living in the USA.  That would mean that 63% of all Americans had a compromised record in the first quarter of this year.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-5395
Published: 2014-11-21
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3276 and E3236 TCPU before V200R002B470D13SP00C00 and WebUI before V100R007B100D03SP01C03, E5180s-22 before 21.270.21.00.00, and E586Bs-2 before 21.322.10.00.889 allow remote attackers to hijack the authentication of users ...

CVE-2014-7137
Published: 2014-11-21
Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before 3.6.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) contactid parameter in an addcontact action, (2) ligne parameter in a swapstatut action, or (3) project_ref parameter to projet/tasks/contact.php; (4...

CVE-2014-7871
Published: 2014-11-21
SQL injection vulnerability in Open-Xchange (OX) AppSuite before 7.4.2-rev36 and 7.6.x before 7.6.0-rev23 allows remote authenticated users to execute arbitrary SQL commands via a crafted jslob API call.

CVE-2014-8090
Published: 2014-11-21
The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nes...

CVE-2014-8469
Published: 2014-11-21
Cross-site scripting (XSS) vulnerability in Guests/Boots in AdminCP in Moxi9 PHPFox before 4 Beta allows remote attackers to inject arbitrary web script or HTML via the User-Agent header.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?