ITRC Q1 Data Breach Analysis

Please add your information below to download a PDF copy of the analysis

 

 

Methodology

For purposes of quarterly and annual reporting, the ITRC aggregates data events based on the date the breach, exposure, or leak was entered into the database rather than the date the event occurred. This avoids the confusion and data conflicts associated with the need to routinely update previous reports and compromise totals. The date of the original compromise, if known, and the date of the event report are noted in the ITRC’s notified data compromise tracking database.

The number of victims linked to individual compromises are updated as needed and can be accessed in the ITRC’s notified breach tracking solution.

The ITRC reports Third-Party/Supply Chain Attacks as a single attack against the company that lost control of the information. The total number of individuals impacted by third-party incidents is based on notices sent by the multiple organizations impacted by the single data compromise.

Get ID Theft News

Stay informed with alerts, newsletters, and notifications from the Identity Theft Resource Center