Attacks/Breaches

1/25/2017
03:15 PM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

Data Breaches Exposed 4.2 Billion Records In 2016

The 4,149 data breaches reported in 2016 shattered the all-time high of nearly 1 billion exposed records in 2013.

Over the past year, 4,149 data breaches compromised more than 4.2 billion records, shattering the previous all-time high of about 1 billion exposed records in 2013.

This finding comes from the 2016 Data Breach QuickView report, released January 25 by Risk Based Security (RBS). Researchers discovered the number of data breaches was fairly consistent between 2015 and 2016, but their severity skyrocketed. 

In 2016, there were 94 reported incidents exposing at least one million records each, and 37 incidents exposing ten million or more records. Compared with 2015, this marks an increase of 63% and 105%, respectively.

It didn't take many breaches to compromise a record-breaking amount of customer information. The top ten breaches of 2016, which included nine hacks and one web breach, led to the exposure of a combined three billion records.

RBS discovered businesses accounted for 51% of reported breaches, surpassing unknown (23.4%), government (11.7%), medical (9.2%), and education (4.7%) industries. Most (80.9%) exposed records also came from the business sector.

The number of breaches by industry sector roughly corresponds with economic activity, explains Inga Goddijn, EVP of Risk Based Security. RBS has the largest central collection of publicly disclosed breaches, she continues, which provides a broad view into where incidents happen.

"What our data shows is that really, no industry is immune to data loss," Goddijn says. "Any organization that has sensitive data -- which is every organization with employees or confidential business information -- can be a target."

Findings from the RBS data breach study are supported by further research from the Online Trust Alliance (OTA), which today released its 2017 Cyber Incident & Breach Response Guide. "Cyber incident" encompasses events including corporate data loss, ransomware, unreported breaches, and incidents not involving covered information.

OTA concluded there were about 82,000 cyber incidents in 2016, affecting 225 organizations around the world each day. However, given that the majority of cyber incidents go unreported, it believes the actual number of annual events could exceed 250,000.

Businesses can learn from the consequences of high-profile attacks. Aside from financial loss, organizations are vulnerable to security threats and reputational damage. The OTA report cites research from the Internet Society, which discovered 59% of users would likely not do business with a company that had suffered a data breach.

While some incidents are unavoidable no matter how strong your security, many can be stopped with the right measures. OTA found more than 90% of cyber incidents could have been prevented.

The threat of data breaches will continue to grow so long as hackers' motivations remain the same, says Goddijn.

"As long as there is money to be made out of unauthorized access and data theft, malicious actors will continue to refine and improve their attack methods," she explains. "The wave of targeted phishing scams, seeking W2 details, that took place early in the first part of the year is a good example."

Phishing is not a new business threat, she says, but scammers successfully refined their approach by targeting HR personnel during the height of tax data preparation season. More than 100 companies and their employees were victims of this type of attack, which led to data being used in fake tax return schemes.

"Early indications look as if we might see a repeat of this in 2017," Goddijn notes. "We've already captured half a dozen such events this year and expect more to follow in the coming months."

While it's difficult to predict the future, Goddijn is "certain" data breaches will continue. It's no longer enough for busiensses to solely focus on prevention.

"Given where we are with the state of breach activity today, organizations need to also be thinking about response and recovery as integral components of security management," she says.

Related Content

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
6 Security Trends for 2018/2019
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/15/2018
6 Reasons Why Employees Violate Security Policies
Ericka Chickowski, Contributing Writer, Dark Reading,  10/16/2018
Getting Up to Speed with "Always-On SSL"
Tim Callan, Senior Fellow, Comodo CA,  10/18/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Latest Comment: Too funny!
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10839
PUBLISHED: 2018-10-16
Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.
CVE-2018-13399
PUBLISHED: 2018-10-16
The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
CVE-2018-18381
PUBLISHED: 2018-10-16
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
CVE-2018-18382
PUBLISHED: 2018-10-16
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.
CVE-2018-18374
PUBLISHED: 2018-10-16
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.