For more than a decade, the Identity Theft Resource Center has tracked data breaches to form a better picture of how this issue continues to occur and to identify trends over time. Now, 2017 has posted a new record.
Almost every single year since this monitoring began, data breaches have continued to set new records for both the number of events and the numbers of compromised consumer records. According to the mid-year report, “The number of U.S. data breaches tracked through June 30, 2017, hit a half-year record high of 791, according to recent numbers released by the Identity Theft Resource Center (ITRC) and CyberScout*. This represents a significant jump of 29 percent over 2016 figures during the same time period. At this pace, ITRC anticipates that the number of breaches could reach 1,500 in 2017, a 37 percent annual increase over 2016 when breaches reached an all-time record high of 1,093.”
How are these events coming about? In the first half of the year, hacking was the single most common form of attack, which included things like ransomware attacks and phishing attempts. The rest of the top three included things like employee error and accidental overexposure, such as when a database of information is accessible on an unsecured web server.
As to what industry is most affected by the data breaches “the business sector continues to top the list at 54.7 percent of the total breaches, followed by the healthcare/medical industry at 22.6 percent. The education sector ranks third at 11 percent of the total breaches followed by the banking/credit/financial industry at 5.8 percent and the government/military at 5.6 percent.”
One of the most alarming findings of the report is that Social Security numbers, the “Holy Grail” of personal identifiable information, continue to be exposed in the majority of breaches. Only a handful of years ago, cybercriminals were happy to get their hands on things like credit card numbers and account information, then use that data to rack up high-dollar debt before the account was closed. Now, SSNs provide criminals with a lifetime of possible new accounts, making them a sought-after part of the data breach equation.
*CyberScout is a financial sponsor of the Identity Theft Resource Center.