Data breach numbers in the US hit an all time high last year

Written by on January 25, 2017 in Guest Blog with 0 Comments

The number of U.S. data breach incidents tracked in 2016 hit an all-time high of 1,093, according to a new report released today by the ITRC & CyberScout.

Data breach headline-grabbing attacks, with victims ranging from Wendy’s Co. to the Democratic National Committee, are increasing despite regulatory scrutiny and more aggressive cyber-security spending. Worldwide spending on security-related hardware, software and services rose to $73.7 billion in 2016 from $68.2 billion a year earlier, according to researcher IDC. And that number is expected to approach $90 billion in 2018.

“We are extremely confident that breaches are undiscovered and under-reported, and we don’t know the full scope,” Eva Casey Velasquez, chief executive officer of the Identity Theft Resource Center, said in an interview. “This isn’t the worst-case scenario we are looking at; this is the best-case scenario.”

The leading cause of data breach incidents was hacking/skimming/phishing attacks, accounting for 55.5 percent of the overall number of breaches, an increase of 17.7 percent over 2015 figures. This type of attack also accounted for 72 percent of breached records. Breaches involving accidental email/internet exposure of information were the second most common type of incident at 9.2 percent of the overall number of breaches followed by employee error at 8.7 percent.

Social security numbers were exposed by 52 percent of breaches, an 8.2 percent increase, but only 13 percent involved credit and debit card details — a drop of 7.4 percent over the previous year.

The business sector accounted for 45.2 percent of the overall number of breaches, followed by the healthcare/medical industry (34.5 percent), education (nine percent), government (6.6 percent), and banking and finance (4.8 percent).

“For businesses of all sizes, data breaches hit close to home, thanks to a significant rise in CEO spear phishing and ransomware attacks,” says Matt Cullina, CEO of CyberScout and vice chair of ITRC’s board of Directors. “With the click of a mouse by a naïve employee, companies lose control over their customer, employee and business data. In an age of an unprecedented threat, business leaders need to mitigate risk by developing C-suite strategies and plans for data breach prevention, protection and resolution.”

Adam Levin, chairman of the security company CyberScout LLC, which sponsored the report, said training employees about data privacy and security is essential. “A lot of companies don’t do it,” he said.

The Identity Theft Resource Center, which has been tracking data breach incidents since 2005, compiles its reports using data listed on state regulators’ web sites, as well as by filing Freedom of Information Act requests with various government agencies. Many data breach incidents still aren’t included in these numbers.

More here [ITRC] and here [Bloomberg]

This article was originally published on Pricing Data Plans.

Tags: , ,

About the Author

About the Author: Jonathon has been lurking around the Telecoms and Internet space for the last 20 years. He is now a man on a mission – that being the reformation of the Industry Analyst business. He is working with his co-conspirators on transforming the Industry Analyst world forever as an Expert with EMI. .


If you enjoyed this article, subscribe now to receive more just like it.

Subscribe via RSS Feed

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.