First Half 2017 Breach
Level Index Report: Identity Theft and Poor Internal Security Practices Take a
Toll
Level Index Report: Identity Theft and Poor Internal Security Practices Take a
Toll
Singapore, September 20, 2017 –
Gemalto, the world leader in digital security, today released the latest
findings of the Breach
Level Index, a global database of public data breaches, revealing 918 data
breaches led to 1.9 billion data records being compromised worldwide in the
first half of 2017. Compared to the last six months of 2016, the number of
lost, stolen or compromised records increased by a staggering 164%. A large
portion came from the 22 largest data breaches, each involving more than one
million compromised records. Of the 918 data breaches more than 500 (59% of all
breaches) had an unknown or unaccounted number of compromised data records.
Gemalto, the world leader in digital security, today released the latest
findings of the Breach
Level Index, a global database of public data breaches, revealing 918 data
breaches led to 1.9 billion data records being compromised worldwide in the
first half of 2017. Compared to the last six months of 2016, the number of
lost, stolen or compromised records increased by a staggering 164%. A large
portion came from the 22 largest data breaches, each involving more than one
million compromised records. Of the 918 data breaches more than 500 (59% of all
breaches) had an unknown or unaccounted number of compromised data records.
The
Breach Level Index is a global database that tracks data breaches and measures
their severity based on multiple dimensions, including the number of records
compromised, the type of data, the source of the breach, how the data was used,
and whether or not the data was encrypted. By assigning a severity score to
each breach, the Breach Level Index provides a comparative list of breaches,
distinguishing data breaches that are not serious versus those that are truly
impactful.
Breach Level Index is a global database that tracks data breaches and measures
their severity based on multiple dimensions, including the number of records
compromised, the type of data, the source of the breach, how the data was used,
and whether or not the data was encrypted. By assigning a severity score to
each breach, the Breach Level Index provides a comparative list of breaches,
distinguishing data breaches that are not serious versus those that are truly
impactful.
According
to the Breach Level Index, more than 9 billion data records have been exposed
since 2013 when the index began benchmarking publicly disclosed data breaches.
During the first six months of 2017, more than ten million records were
compromised or exposed every day, or one hundred and twenty-two records every
second, including medical, credit card and/or financial data or personally
identifiable information. This is particularly concerning, since less than 1%
of the stolen, lost or compromised data used encryption to render the
information useless, a 4% drop compared to the last six months of 2016.
to the Breach Level Index, more than 9 billion data records have been exposed
since 2013 when the index began benchmarking publicly disclosed data breaches.
During the first six months of 2017, more than ten million records were
compromised or exposed every day, or one hundred and twenty-two records every
second, including medical, credit card and/or financial data or personally
identifiable information. This is particularly concerning, since less than 1%
of the stolen, lost or compromised data used encryption to render the
information useless, a 4% drop compared to the last six months of 2016.
“IT
consultant CGI and Oxford Economics recently issued a study, using data from
the Breach Level Index and found that two-thirds of firms breached had their
share price negatively impacted. Out of the 65 companies evaluated the breach
cost shareholders over $52.40 billion,” said Jason Hart, Vice
President and Chief Technology Officer for Data Protection at Gemalto. “We
can expect that number to grow significantly, especially as government
regulations in the U.S., Europe and elsewhere enact laws to protect the privacy
and data of their constituents by associating a monetary value to improperly
securing data. Security is no longer a reactive measure but an expectation from
companies and consumers.”
consultant CGI and Oxford Economics recently issued a study, using data from
the Breach Level Index and found that two-thirds of firms breached had their
share price negatively impacted. Out of the 65 companies evaluated the breach
cost shareholders over $52.40 billion,” said Jason Hart, Vice
President and Chief Technology Officer for Data Protection at Gemalto. “We
can expect that number to grow significantly, especially as government
regulations in the U.S., Europe and elsewhere enact laws to protect the privacy
and data of their constituents by associating a monetary value to improperly
securing data. Security is no longer a reactive measure but an expectation from
companies and consumers.”
Primary Sources of Data Breaches
Malicious outsiders made up the largest percentage of data breaches (74%), an
increase of 23%. However, this source accounted for only 13% of all stolen,
compromised or lost records. While malicious insider attacks only made up 8% of
all breaches, the amount of records compromised was 20 million up from 500,000
an increase of over 4,114% from the previous six months.
Malicious outsiders made up the largest percentage of data breaches (74%), an
increase of 23%. However, this source accounted for only 13% of all stolen,
compromised or lost records. While malicious insider attacks only made up 8% of
all breaches, the amount of records compromised was 20 million up from 500,000
an increase of over 4,114% from the previous six months.
Leading Types of Data Breaches
For the first six months of 2017, identity theft was the leading type of data
breach in terms of incident, accounting for 74% of all data breaches, up 49% from
the previous semester. The number of records compromised in identity theft
breaches increased by 255%. The most significant shift was the nuisance
category of data breaches representing 81% of all lost, stolen or compromised
records. However, in terms of the number of incidents, nuisance type attacks
were only slightly over 1% of all data breaches. The number of compromised
records from account access attacks declined by 46%, after a significant spike
in the 2016 BLI
full year report.
For the first six months of 2017, identity theft was the leading type of data
breach in terms of incident, accounting for 74% of all data breaches, up 49% from
the previous semester. The number of records compromised in identity theft
breaches increased by 255%. The most significant shift was the nuisance
category of data breaches representing 81% of all lost, stolen or compromised
records. However, in terms of the number of incidents, nuisance type attacks
were only slightly over 1% of all data breaches. The number of compromised
records from account access attacks declined by 46%, after a significant spike
in the 2016 BLI
full year report.
Biggest Industries Affected by Data Breaches
Most
of the industries the Breach Level Index tracks had more than a 100% increase
in the number of compromised, stolen or lost records. Education witnessed one
of the largest increases in breaches up by 103% with an increase of over 4,000%
in the number of records. This is the result of a malicious insider attack
compromising millions of records from one of China’s largest comprehensive
private educational companies. Healthcare had a relatively similar amount of
breaches compared to the last six months of 2016, but stolen, lost or
compromised records increased 423%. The U.K’s National Health Service was one
of the top five breaches in the first half with over 26 million compromised
records. Financial services, government and entertainment were also industries
that experienced a significant jump in the number of breached records, with
entertainment breach incidents increasing 220% in the first six months of 2017.
of the industries the Breach Level Index tracks had more than a 100% increase
in the number of compromised, stolen or lost records. Education witnessed one
of the largest increases in breaches up by 103% with an increase of over 4,000%
in the number of records. This is the result of a malicious insider attack
compromising millions of records from one of China’s largest comprehensive
private educational companies. Healthcare had a relatively similar amount of
breaches compared to the last six months of 2016, but stolen, lost or
compromised records increased 423%. The U.K’s National Health Service was one
of the top five breaches in the first half with over 26 million compromised
records. Financial services, government and entertainment were also industries
that experienced a significant jump in the number of breached records, with
entertainment breach incidents increasing 220% in the first six months of 2017.
Geographic Distribution of Data Breaches
North
America still makes up the majority of all breaches and the number of
compromised records, both above 86%. The number of breaches in North America
increased by 23% with the number of records compromised skyrocketing by 201%.
Traditionally, North America has always had the largest number of publicly
disclosed breaches and associated record numbers, although this is poised to
change in 2018 when global data privacy regulations like the European General
Data Protection Regulation (GDPR) and Australia’s Privacy Amendment
(Notifiable Data Breaches) Act are enforced. Europe currently only had 49
reported data breaches (5% of all breaches), which is a 35% decline from the previous
six months.
America still makes up the majority of all breaches and the number of
compromised records, both above 86%. The number of breaches in North America
increased by 23% with the number of records compromised skyrocketing by 201%.
Traditionally, North America has always had the largest number of publicly
disclosed breaches and associated record numbers, although this is poised to
change in 2018 when global data privacy regulations like the European General
Data Protection Regulation (GDPR) and Australia’s Privacy Amendment
(Notifiable Data Breaches) Act are enforced. Europe currently only had 49
reported data breaches (5% of all breaches), which is a 35% decline from the previous
six months.
Related Resources:
· For a full
summary of data breach incidents by industry, source, type and geographic
region, download the First Half
2017 Breach Level Index Report
summary of data breach incidents by industry, source, type and geographic
region, download the First Half
2017 Breach Level Index Report
· Download
the info graphic here
the info graphic here
· Visit the
BLI website here
BLI website here
For the LATEST tech updates,
FOLLOW us on our Twitter
LIKE us on our FaceBook
SUBSCRIBE to us on our YouTube Channel!