US data breaches hit an all-time annual high in 2017
Advisen
US data breaches hit an all-time annual high in 2017
By Erin Ayers, Advisen
U.S. data breaches hit an all-time annual high of 1,579 breaches in 2017, a 44.7 percent increase over 2016, according to the latest data recorded by the Identity Theft Resource Center (ITRC) and CyberScout.
“We’ve seen the number of identified breaches increase as a result of industries moving toward more transparency,” said Eva Velasquez, ITRC president and CEO. “We want to encourage businesses and government entities to continue to provide timely reports to their respective Attorney Generals so consumers can be better informed on what are the immediate and long-term impacts to their personal information by any given data breach.”
ITRC’s data showed that the “business” category experienced 870 breaches, the highest portion of breaches at 55 percent. Following business was the medical/healthcare industry with 23.7 percent of the breaches at 374. The financial sector experience 134 breaches, or 8.5 percent of the overall number for 2017 – this sector has only been in the top three impacted industries twice since 2005, ITRC noted. Financial sector just edged out education and government/military at 8 percent and 4.7 percent.
“Year after year we continue to use the Annual Data Breach Year-End Review as a tool to further glean trends about the state of data breaches, or to confirm what we already know about them,” said Matt Cullina, CEO of CyberScout. “With the business sector being strongly impacted, now more than ever it’s important for organizations of all sizes to not only be prepared for a data breach, but to also be taking proactive steps to plan for the inevitability.”
ITRC and CyberScout reported that 60 percent, or 940 breaches, were caused by hacking (including phishing and ransomware/malware). Other causes of breaches included unauthorized access, insider theft, employee error/negligence/improper disposal/loss, and physical theft.
The report emphasized that payment card data continues to appeal to cybercriminals, with nearly 20 percent of breaches involving compromise of credit and debit information, a six percent rise from 2016.
“Despite efforts from all stakeholders to lessen the value of compromised credit/debit credentials, this information continues to be attractive and lucrative to thieves and hackers.
Social Security numbers were also found to be readily available, with 830 breach events involving their theft, according to the report.
“Understanding the type of personal information that has been exposed is absolutely critical for affected consumers.” said Karen Barney, ITRC director of program support. “While a Social Security number continues to be the most valuable piece of information in the hands of a thief, even the exposure of emails, passwords or usernames can be problematic as this information often plays a role in hacking and phishing attacks.
Editor Erin Ayers can be reached at eayers@advisen.com.
