The amount of information exposed due to data breaches has hit a terrifying new high-water mark, according to findings released this week from Richmond, Virginia-based cyberanalytics firm Risk Based Security.
Between January 1 and June 30 of this year, there were 2,227 publicly disclosed data breaches and they exposed more than 6 billion records, according to a mid-year report by the company. And although the number of breaches midway through 2017 is roughly the same as the first six months of 2015 and 2016, the total number of records compromised in the first half of 2017 is already higher than all of 2016, it said.
“It is stunning to see the steady increase in the number of breaches impacting one million or more records. In the first six months of 2013, 2014 and 2015, the number of these large breaches hovered in the mid-teens. Last year we saw that number jump to 28, and now, for the first six months of this year, we’re tracking 50 such incidents,” said Risk Based Security Executive Vice President Inga Goddijn. “Even more striking, in Q1 we had a new single largest breach disclosed, only to [be] replaced by yet another all-time largest breach in Q2.”
That all-time largest breach occurred in China and exposed 2 billion records, but the next largest was reported here in the United States in March, when 1.3 billion records from River City Media, LLC were exposed. Four 2017 breaches have landed on Risk Based Security’s top 10 list of the all-time largest breaches.
So far this year, just 10 breaches have accounted for 5.6 billion of the 6 billion records exposed, the company said. Likewise, just 10 countries accounted for 77% of the breaches reported and 98% of the records compromised.
First on that list is the United States, which accounted for 61.4% of all breaches and about a third of the exposed records in the first half of the year, according to the report.
Incidents in just 10 states — California, Texas, Florida, New York, Pennsylvania, Virginia, Ohio, Illinois, Maryland and North Carolina — represented half of all U.S. breaches this year. However, when it comes to the number of records exposed, the state of Washington was far and away in first place, with 1.4 billion records exposed during the first half of 2017. That accounted for 73% of all the records exposed in the United States.
Usernames, email addresses and passwords are still popular targets, but the overall number of breaches impacting these records steadily declined during the first half of 2017. Instead, more criminals are targeting tax data, the company said.
“Compared to the same time period in 2016, the percentage of breaches impacting Social Security numbers increased from 17.6% in 2016 to 26.1% in 2017,” the company reported. “Likewise, the percentage of breaches impacting names increased from 36.1% to 40.6% and the percentage impacting physical addresses increased from 21.6% to 30.4%. Research indicates this effect is attributable to the steady rise of successful phishing campaigns targeting W-2 data during the first four months of the year.”
Hacking is still the largest single cause of data breaches (42% are caused that way, the report said), but another 272 breaches so far this year have been due to skimming. Phishing and viruses have also caused 253 and 209 breaches this year, respectively. About one in six breaches was an inside job, though most of the time it’s accidental, according to the data.
The method used to breach data is one thing; the number of records compromised in another. Inadvertent online disclosures have caused a relatively small number of data breaches so far this year — just 158, according to the report — but those breaches were responsible for about 68% of the exposed records, Risk Based Security said.
Breach detection is still a mystery for many victims. About half the time, external parties discovered the data breaches — internal sources discovered just 443 of the 2,227 breaches reported during the first six months of the year, the report said. For 687 breaches, there’s been no disclosure about how they were discovered.
“There are a lot of moving parts to an effective patch-management program, but no matter how strong that process might be, it can be undermined when known vulnerabilities are missed simply because the organization was not aware to look for them,” she said.
“While news of politically motivated foreign interference in election systems continues to dominate the headlines, the breach activity we are tracking this year is a stark reminder of just how many data compromise incidents are motivated by financial gain. As long as information can be quickly monetized and systems remain vulnerable to attack, we should not expect to see any slowdown in breach activity,” Goddijn warned.