Ransomware attacks leading to data breaches fell 20% in the second quarter of 2022 compared with the first quarter and dropped quarter over quarter, according to new data from the Identity Theft Resource Center.

"Security researchers believe that the decline in ransomware attacks is due to a combination of factors, including the ongoing conflict in Ukraine and the collapse of cryptocurrencies favored by cybercriminals," the ITRC report notes. "All of these trends – fewer compromises, fewer victims, few ransomware attacks – can be reversed quickly with just a handful of large breaches or a series of smaller ones."

The ITRC report also says that phishing remained the No. 1 root cause of data compromises in the first half of 2022. Data compromises rose slightly in the second quarter of the year, although the pace of data compromises for the first half of 2022 is down 4% compared with the same period in 2021.

But the ITRC study also shows that the data indicating a downward trend in breaches and ransomware numbers could be an illusion, masked by the nearly 40% of data breach notices that don't include basic information, such as attack vector or a victim count. This is the first time that "unknown" topped the list of data breach causes since the ITRC began tracking data breaches.

So far in 2022, there have been 817 publicly reported data breaches with 53,350,425 victims, down from the record-high 851 recorded by the ITRC in 2021. This includes 802 data breaches with 46,209,107 victims, 10 data exposures affecting 7,136,948 victims, and 5 unknown events numbering 4,370 victims, according to ITRC data.

In the first half of 2022, 367 entities were affected by 44 third-party/supply chain attacks, including 10 attacks reported in the two previous years. Among those singled out by the report were the Illuminate Education, Ciox Health, and Eye Care Leaders supply chain attacks.

System errors and human errors also contributed to data exposures and included failures to configure cloud security, misconfigured firewalls, and email correspondence containing sensitive information. Physical attacks, which include device theft and improper disposal, resulted in 13 breaches in the second quarter of 2022, for a total of 115,395 victims.

Ransomware, Phishing Threat to Businesses Still Acute

As malicious actors move their focus away from individuals, organizations are bearing the brunt of attacks, with global ransomware incidents targeting everything from enterprise servers to grounding an airline.

Data pulled from incident response cases by Unit 42 earlier in the year showed cyber-extortion attacks jumped by 85% as ransomware attackers demanded dramatically higher ransom fees in 2021.

A February report by the ITRC showed phishing is also one of the primary data-breach causes at many organizations in 2021. According to the ITRC, 537 out of 1,613 publicly disclosed breaches in 2021 — or one-third — involved phishing, smishing, or business email compromise.

Malicious actors are moving their focus to small businesses, which are likely to have fewer security resources to combat such attacks — a QuickBooks vishing scam targeting SMBs was just the latest in a string of incidents.