Home Page Featured 4

While the number of breaches in 2019 increased, the number of sensitive records exposed decreased

SAN DIEGO, January 28, 2020 – Today, the Identity Theft Resource Center®, a nationally recognized non-profit organization established to support victims of identity crime, released its annual End-of-Year Data Breach Report for 2019 with the support of the report’s long-time sponsor CyberScout®, a global leader in identity theft resolution, data defense and employee benefits services.

According to the report, the number of U.S. data breaches tracked in 2019 (1,473) increased 17 percent from the total number of breaches reported in 2018 (1,257). However, 2019 saw 164,683,455 sensitive records exposed, a 65 percent decrease from 2018 (471,225,862). The 2018 Marriott data breach exposed 383 million records alone, significantly skewing the data.

Download the report here: https://www.idtheftcenter.org/2019-data-breaches/

 “The increase in the number of data breaches during 2019, while not surprising, is a serious issue,” said Eva Velasquez, president and CEO of the Identity Theft Resource Center. “It would appear that 2018 was an anomaly in how many data breaches were reported and the number of records exposed. The 2019 reporting year sees a return to the pattern of the ever-increasing number of breaches and volume of records exposed. Because that means more consumers are becoming victims, the ITRC will continue to help them by providing guidance on the best ways to navigate the dangers of exposed personally identifiable information (PII) from a data breach and the risks of identity crime as a result.”

“This year’s report paints a mixed view of the landscape as we continue to work with businesses and consumers alike to thwart cyber criminals and contain their damage,” said Matt Cullina, CyberScout’s EVP of Strategic Partnerships and Managing Director of Global Markets; and Board Chair of the Identity Theft Resource Center. “The overall increase in breaches is certainly concerning. However, the extraordinary drop in the number of records exposed and the incredible feat of cutting the sensitive PII exposed by two thirds, indicates that we may be moving in a good direction with regards to the extent of the damage associated with breaches. Businesses and consumers need to continue to be vigilant in protecting data and systems, ensuring they have current protections in place, because even non-sensitive data exposure can lead to more serious issues.”

Another critical finding was that “hacking” was responsible for the highest percentage of data breaches (39 percent) and the highest number of non-sensitive records exposed (81 percent). “Unauthorized access” was the second most common breach method identified with nearly the same percentage as hacking at 36.5 percent. Unauthorized access continued to be a catch-all category with little transparency on the actual method of intrusion throughout 2019.

For the second straight year, the business sector had the most data breaches (644), while the medical/healthcare sector had the second most (525). The government/military sector had the fewest amount of breaches in 2019 at 83.

The ITRC has also now tracked over 10,000 publicly-notified data breaches since 2005, hitting that milestone in the spring of 2019.

For anyone that has been a victim of a data breach, the ITRC recommends downloading its free app to manage the various aspects of an individual’s data breach case.

Consumers and victims can receive free support and guidance from a knowledgeable live-advisor by calling 888.400.5530 or visiting www.idtheftcenter.org to live-chat.

###

About the Identity Theft Resource Center

Founded in 1999, the Identity Theft Resource Center® (ITRC) is a nationally recognized non-profit organization established to support victims of identity theft in resolving their cases, and to broaden public education and awareness in the understanding of identity theft, data breaches, cybersecurity, scams/fraud and privacy issues. Through public and private support, the ITRC provides no-cost victim assistance and consumer education through its contact center, website, social media channels, live chat feature and ID Theft Help app. For more information, visit: http://www.idtheftcenter.org

Identity Theft Resource Center
Charity Lacey
VP of Communications
O: 858-634-6390
C: 619-368-4373
clacey@idtheftcenter.org

About CyberScout

Since 2003, CyberScout® has set the standard for full-spectrum identity, privacy and data security services, offering proactive protection, employee benefits, education, resolution, identity management and consulting as well as breach preparedness and response programs. CyberScout products and services are offered globally by 660 client partners to more than 17.5 million households worldwide, and CyberScout is the designated identity theft services provider for more than 750,000 businesses through cyber insurance policies. CyberScout combines extensive experience with high-touch service to help individuals, government, nonprofit and commercial clients minimize risk and maximize recovery.

CyberScout
Heather McLaughlin
media@cyberscout.com

Many professionals view air-travel days as an opportunity to get some extra work done, pay bills online, or distract themselves during their commute by surfing the internet. The convenience and ease of use of modern laptops and iPads have made it easy to stay connected in route. As a result, public Wi-Fi is now commonplace in most major airports and even becoming more common on the airplanes themselves. As with most technological conveniences these days, in addition to the obvious advantages, wifi in airports pose additional risk to consumers who may not be aware that they’re in potentially dangerous ‘hot zones’ for identity theft.

Public wifi is a beacon for those who would seek to harvest your personal information through your internet connection. Free wireless networks are usually not password protected, or have a password that’s publicly available. This means that every time you sign on to a public wifi connection, you’re essentially sharing a connection with any and all strangers in the area. In an airport especially, even more so than in a coffee shop or other place usually associated with public wifi, the number of strangers in your immediate vicinity is usually much higher. Any and all of those have the potential ability to access the same network connection you’re using. All it takes is one malicious user on your network to cause you a lot of trouble.

Anytime you access public connections to the internet, your computer is more exposed to the threats of malware or viruses which may be present on another’s laptop, not to mention the threat of a nefarious fellow traveler snooping through your shared files, shoulder surfing to watch you input your passwords, or otherwise monitoring your internet activity. Most people don’t realize that when sharing a network internet connection with someone, there is no additional firewall or security in place to protect the information stored on your computer. This quite naturally makes places like airports and other areas that offer free public wifi very attractive to would-be identity thieves.

If you can avoid using public wifi altogether, do so…if you just can’t resist checking the scores or the weather while waiting to board your flight or arrive at your intended destination, try to avoid doing potentially dangerous activities like online banking, filing tax returns, or checking any email accounts that might have valuable information stored in it; as this information could be harvested from your machine and used against you. If you know you will be traveling often and find yourself using public wifi normally you may want to look into getting a personal VPN. A personal Virtual Private Network will help protect you against the dangers of public wifi.

If using public wifi unprotected, be wary of any wireless network that shows up with a stronger signal than the network offered by the known provider (in other words, if you’re in the American Airlines terminal, you shouldn’t choose that random linksys server over the one labeled “Americanterminal1access” for example). Often potential hackers will generate their own network signal to have others “hook up” to them, exposing all their information. Other network users will see the stronger signal and connect to it unwittingly, without realizing that they’ve just voluntarily offered up anything that isn’t independently password protected for viewing by the thief.

When using your home wireless connection, ensure that it’s always password protected. Remember, you never know who else may be online.