Call Now 888.400.5530

ITRC-logo-color-final
Search
Close this search box.

Q3 2023 Data Breach Report: Identity Theft Resource Center Reports Data Compromise Record with Three Months Left in the Year

Date: 10/11/2023

The Identity Theft Resource Center tracked 2,116 data compromises in the first three quarters of 2023, breaking the all-time high of 1,862 compromises in 2021

SAN DIEGO, October 11, 2023 – Today, the Identity Theft Resource Center® (ITRC), a nationally recognized nonprofit organization established to support victims of identity crime, released its U.S. data breach findings for the third quarter (Q3) of 2023. According to the Q3 2023 Data Breach Report, there were 733 publicly-reported data compromises in the quarter, a 22 percent decrease compared to the previous quarter (941 compromises). Despite the decline Quarter-over-Quarter, the ITRC passed the annual all-time high in data compromises set in 2021 (1,862), tracking 2,116 data compromises through the first nine months with three months left in the annual reporting period. Of the 733 compromises in Q3, 386 data breach notices did not have an attack vector (53 percent).

The number of victims in Q3 (66.7 million) decreased by 39 percent compared to Q3 2022. Through the first three quarters in 2023, there have been 233.9 million estimated victims, remaining well short of the pace from 2022 (425 million estimated victims). According to the Q3 2023 Data Breach Report, cyberattacks remained the most common root cause of a data breach in Q3 (614 breaches). Among the notices that reported an attack vector, Phishing attacks were the most frequently reported cause (80). Zero-Day attacks (attacks against a previously undisclosed software flaw for which there is no patch) were second (69), exceeding Ransomware (64) and Malware attacks (17).

Cybersecurity researchers point to the rising number of successful Zero-Day attacks as one reason for the significant rise in data compromises. The ITRC has noted a 1,620 percent increase in Zero-Day attacks reported in the first three quarters of 2023 (86) compared to all of 2022 (5).

Download the ITRC’s Q3 2023 Data Breach Report & Analysis

“While setting a record for the number of data breaches is attention-grabbing, unfortunately, it is not surprising,” said Eva Velasquez, President and CEO of the Identity Theft Resource Center. “There are a handful of reasons for the rise in data compromises, ranging from the drastic uptick in Zero-Day attacks to a new wave of ransomware attacks as new ransomware groups enter the criminal identity marketplace. Now that we have broken the previous annual data comprise record, the question remains: by how much?”

 Other findings in the Q3 2023 Data Breach Report Analysis include:

  • Supply chain attacks impacted scores of entities in Q3, even though they were not directly attacked. More than 1,000 (1,321) organizations reported data compromises due to an attack against 87 organizations, including many third parties that used the MOVEit file transfer software.
  • As of September 30, 344 U.S. organizations have been impacted by a single or multiple vendors using a vulnerable MOVEit product. An additional 79 organizations reported being directly affected by attacks against MOVEit software or services. Four of the top ten compromises in Q3 were related to a MOVEit attack.

Anyone can receive free support and guidance from a knowledgeable live advisor by calling 888.400.5530 or visiting www.idtheftcenter.org to live chat.

About the Identity Theft Resource Center 

Founded in 1999, the Identity Theft Resource Center® (ITRC) is a national nonprofit organization established to empower and guide consumers, victims, business and government to minimize risk and mitigate the impact of identity compromise and crime. Through public and private support, the ITRC provides no-cost victim assistance and consumer education through its website live chat, idtheftcenter.org, and toll-free phone number 888.400.5530. The ITRC also equips consumers and businesses with information about recent data breaches through its data breach tracking tool, notified. The ITRC offers help to specific populations, including the deaf/hard of hearing and blind/low vision communities. 

Media Contact 

Identity Theft Resource Center 
Alex Achten 
Director of Communications & Media Relations 
888.400.5530 Ext. 3611 
[email protected] 

How much information are you putting out there? It’s probably too much. To help you stop sharing Too Much Information, sign up for the In the Loop.

notified-ad.png

Get ID Theft News

Stay informed with alerts, newsletters, and notifications from the Identity Theft Resource Center

notified-ad.png
© Copyright 2024- Identity Theft Resource Center

This product was produced by the ITRC under 2018-V3-GX-K007, awarded by the Office for Victims of Crime, Office of Justice Programs, U.S. Department of Justice. The opinions, findings, and conclusions or recommendations expressed in product are those of the contributors and do not necessarily represent the official position or policies of the U.S. Department of Justice. View more about our copyright info here.