While the number of data compromises is only up slightly (12 percent increase in Q1 2021), individuals impacted is on a steep rise due to more supply chain attacks in 2021
SAN DIEGO, April 7, 2021 – Today, the Identity Theft Resource Center® (ITRC), a nationally recognized nonprofit organization established to support victims of identity crime, released its U.S. data breach findings for the first quarter of 2021.
According to the ITRC’s analysis, publicly-reported U.S. data compromises in Q1 2021 are up 12 percent (363) from Q4 2020. The number of individuals impacted is up 564 percent (51 million in Q1 2021 versus eight million in Q4 2020). A primary reason for the gap in compromises and impacts is a 42 percent rise in the number of supply chain attacks compared to Q4 2020, a trend discussed in the ITRC’s 2020 Data Breach Report.
One hundred and thirty-seven (137) organizations reported being impacted by supply chain attacks in Q1 2021 at 27 different third-party vendors, including IT provider Accellion. The publicly-reported supply chain attacks affected seven million people. Nineteen supply chain attack-related compromises were reported in Q4 2020. Other conclusions from the Q1 2021 report include:
- Phishing and ransomware attacks continue to be the primary root causes of data compromises.
- The increase in data compromises and impacted individuals was also influenced by 59 data events reported in early Q1 2021 that occurred in late December 2020.
- The 2020 supply chain and ransomware attack against IT provider Blackbaud continues to result in new data breach notices; 62 new notices in Q1 2021 that impacted approximately 146,000 additional individuals. More than 12.8 million people at 555 organizations have now been affected by the attack first reported in mid-2020.
- The report reinforces the trends highlighted by the ITRC, the FBI, and various security vendors that point to a rise in cybercrimes focused on stealing company resources using personal information.
“While the number of data compromises is only up slightly, the rise in supply chain attacks is troubling,” said Eva Velasquez, president and CEO of the Identity Theft Resource Center. “Supply chain, phishing, and ransomware attacks reflect a broader trend that cybercriminals want to exploit multiple organizations through a single point-of-attack. The most important action people can take to help protect themselves is to exercise good cyber-hygiene habits.”
The FBI’s most recent Internet Crime Complaint Center (IC3) Report shows phishing as the number one complaint for individuals and businesses in 2020. According to the report, $1.8 billion in business losses was directly attributed to Business Email Compromise, a form of phishing.
For more information about recent data breaches, or any of the data breaches discussed in the Q1 2021 Date Breach Report, consumers and businesses should visit the ITRC’s new data breach tracking tool, notified.
For consumers who have been victims of a data breach, the ITRC recommends downloading its free ID Theft Help app to manage the various aspects of an individual’s data breach case.
Anyone can receive free support and guidance from a knowledgeable live-advisor by calling 888.400.5530 or visiting www.idtheftcenter.org to live-chat.
About the Identity Theft Resource Center
Founded in 1999, the Identity Theft Resource Center® (ITRC) is a non-profit organization established to empower and guide consumers, victims, business and government to minimize risk and mitigate the impact of identity compromise and crime. Through public and private support, the ITRC provides no-cost victim assistance and consumer education through its website live-chat idtheftcenter.org, toll-free phone number 888.400.5530, and ID Theft Help app. The ITRC also equips consumers and businesses with information about recent data breaches through its data breach tracking tool, notified.
Identity Theft Resource Center
Earned & Owned Media Specialist
888.400.5530 Ext. 3611