While the number of breaches in 2019 increased, the number of sensitive records exposed decreased

SAN DIEGO, January 28, 2020 – Today, the Identity Theft Resource Center®, a nationally recognized non-profit organization established to support victims of identity crime, released its annual End-of-Year Data Breach Report for 2019 with the support of the report’s long-time sponsor CyberScout®, a global leader in identity theft resolution, data defense and employee benefits services.

According to the report, the number of U.S. data breaches tracked in 2019 (1,473) increased 17 percent from the total number of breaches reported in 2018 (1,257). However, 2019 saw 164,683,455 sensitive records exposed, a 65 percent decrease from 2018 (471,225,862). The 2018 Marriott data breach exposed 383 million records alone, significantly skewing the data.

Download the report here: https://www.idtheftcenter.org/2019-data-breaches/

 “The increase in the number of data breaches during 2019, while not surprising, is a serious issue,” said Eva Velasquez, president and CEO of the Identity Theft Resource Center. “It would appear that 2018 was an anomaly in how many data breaches were reported and the number of records exposed. The 2019 reporting year sees a return to the pattern of the ever-increasing number of breaches and volume of records exposed. Because that means more consumers are becoming victims, the ITRC will continue to help them by providing guidance on the best ways to navigate the dangers of exposed personally identifiable information (PII) from a data breach and the risks of identity crime as a result.”

“This year’s report paints a mixed view of the landscape as we continue to work with businesses and consumers alike to thwart cyber criminals and contain their damage,” said Matt Cullina, CyberScout’s EVP of Strategic Partnerships and Managing Director of Global Markets; and Board Chair of the Identity Theft Resource Center. “The overall increase in breaches is certainly concerning. However, the extraordinary drop in the number of records exposed and the incredible feat of cutting the sensitive PII exposed by two thirds, indicates that we may be moving in a good direction with regards to the extent of the damage associated with breaches. Businesses and consumers need to continue to be vigilant in protecting data and systems, ensuring they have current protections in place, because even non-sensitive data exposure can lead to more serious issues.”

Another critical finding was that “hacking” was responsible for the highest percentage of data breaches (39 percent) and the highest number of non-sensitive records exposed (81 percent). “Unauthorized access” was the second most common breach method identified with nearly the same percentage as hacking at 36.5 percent. Unauthorized access continued to be a catch-all category with little transparency on the actual method of intrusion throughout 2019.

For the second straight year, the business sector had the most data breaches (644), while the medical/healthcare sector had the second most (525). The government/military sector had the fewest amount of breaches in 2019 at 83.

The ITRC has also now tracked over 10,000 publicly-notified data breaches since 2005, hitting that milestone in the spring of 2019.

For anyone that has been a victim of a data breach, the ITRC recommends downloading its free app to manage the various aspects of an individual’s data breach case.

Consumers and victims can receive free support and guidance from a knowledgeable live-advisor by calling 888.400.5530 or visiting www.idtheftcenter.org to live-chat.


About the Identity Theft Resource Center

Founded in 1999, the Identity Theft Resource Center® (ITRC) is a nationally recognized non-profit organization established to support victims of identity theft in resolving their cases, and to broaden public education and awareness in the understanding of identity theft, data breaches, cybersecurity, scams/fraud and privacy issues. Through public and private support, the ITRC provides no-cost victim assistance and consumer education through its contact center, website, social media channels, live chat feature and ID Theft Help app. For more information, visit: http://www.idtheftcenter.org

Identity Theft Resource Center
Charity Lacey
VP of Communications
O: 858-634-6390
C: 619-368-4373

About CyberScout

Since 2003, CyberScout® has set the standard for full-spectrum identity, privacy and data security services, offering proactive protection, employee benefits, education, resolution, identity management and consulting as well as breach preparedness and response programs. CyberScout products and services are offered globally by 660 client partners to more than 17.5 million households worldwide, and CyberScout is the designated identity theft services provider for more than 750,000 businesses through cyber insurance policies. CyberScout combines extensive experience with high-touch service to help individuals, government, nonprofit and commercial clients minimize risk and maximize recovery.

Heather McLaughlin