While data breaches are down, a single ransomware attack at Blackbaud exposed information from at least 247 organizations that have issued their own breach notices
SAN DIEGO, October 14, 2020 – Today, the Identity Theft Resource Center® (ITRC), a nationally recognized non-profit organization established to support victims of identity crime, released its U.S. data breach findings for the third quarter of 2020.
According to the data breach analysis, publicly-reported U.S. data breaches have dropped 30 percent year-to-date compared to 2019. More than 292 million individuals have had their identities compromised so far in 2020, a 60 percent drop from 2019. Mass data breaches of personal information continue to decline while cyberattacks are up as threat actors focus on ransomware, phishing, and brute force attacks that use already available identity information to steal company funds and COVID-19 related government benefits.
Despite the encouraging data breach numbers, a single ransomware attack at Blackbaud exposed information from at least 247 organizations that have issued their own breach notices as of September 30, 2020.
Cyberattacks were the primary cause of data compromises reported in Q3 2020, with phishing and ransomware attacks the most common attack vectors. However, viewing Blackbaud as a series of attacks and not a single event, supply chain attacks were the most common exploit.
“It is encouraging to see the number of data breaches continue to decline in 2020,” said Eva Velasquez, president and CEO of the Identity Theft Resource Center. “If data breaches continue at this pace for the remainder of 2020, we could see our lowest number of breaches since 2015.”
While data breaches are dropping, the Blackbaud data breach has skewed the numbers significantly. Of the 247 organizations to issue breach notices to their customers, only 58 have disclosed the number of individuals impacted by the breach – 6,981,091. If the Blackbaud data breach is treated as a series of events, data breaches have only decreased by 10 percent compared to 2019.
“If anyone gets a breach notice connected to the Blackbaud data breach, they should act immediately because their information could still be available,” Velasquez said. “Whenever someone receives a breach notice, they need to act quickly and decisively because of the risks that come with personal information being exposed.”
For more information about recent data breaches, or any of the data breaches discussed in Q3, consumers and businesses should visit the ITRC’s new data breach tracking tool, notifiedTM. It is updated daily and free to consumers. Organizations that need comprehensive breach information for business planning or due diligence can access as many as 90 data points through one of the three paid notified subscriptions. Subscriptions help ensure the ITRC’s identity crime services stay free.
For consumers who have been victims of a data breach, the ITRC recommends downloading its free ID Theft Help app to manage the various aspects of an individual’s data breach case.
Anyone can receive free support and guidance from a knowledgeable live-advisor by calling 888.400.5530 or visiting www.idtheftcenter.org to live-chat.
About the Identity Theft Resource Center®
Founded in 1999, the Identity Theft Resource Center® (ITRC) is a nationally recognized non-profit organization established to support victims of identity crime in resolving their cases, and to broaden public education and awareness in the understanding of identity theft, data breaches, cybersecurity, scams/fraud, and privacy issues. Through public and private support, the ITRC provides no-cost victim assistance and consumer education through its call center, website, social media channels, live-chat feature and ID Theft Help app. For more information, visit: https://www.idtheftcenter.org.
Identity Theft Resource Center
Earned & Owned Media Specialist
888.400.5530 Ext. 3611