As technology is improving, so are the threats and security risks posed to it. Despite significant improvement in cybersecurity measures and techniques in the past few years, breaches are still on a rise. With the GDPR and other privacy regulations now in place, preventing data breaches is a leading concern of companies across the globe.
Data breaches are an omnipotent threat that has been on the rise over the last few years. The frequency and magnitude of these data breaches have increased rapidly over the last couple of years which is a sign of concern for organizations around the world. In fact, Gemalto has reported that over 4.5 billion data records were stolen in the first half of 2018, which is a 133% rise from the last year.
The 2018 Breach Level Index report by Gemalto provided a comprehensive study on data breaches that have taken place in 2018. The report tallied a total of 945 incidents of data breaches across the globe, which is almost 19% less than the 1162 incidents that took place in the first half of 2017. Despite this though, the number of data records that were compromised is higher in 2018 which means that the severity of these data breaches was worse in 2018.
Out of the 945 breach incidents that were reported, a majority of 559 of these incidents occurred in North America whereas 339 occurred in the Asia Pacific region, particularly Australia and only 36 incidents were reported from Europe.
The concerning part here is that the 4.5 billion breached records were only from 80% of these breaches while Gemalto is still unsure about how many records were compromised by the remaining 20%. Even if we breakdown the known number of breached records, it equates to over 25 million records stolen every day, and almost a million every hour.
The industries that were most heavily impacted by these data breaches were the healthcare industry (27%) and financial institutions (14%). Other than this, the attacks were distributed relatively evenly across industries such as education, retail, and government among others.
As we would expect, the most common source of these breaches were attacks from malicious outsiders which accounted for 56% of the data breaches. These outsider attacks were responsible for 530 of the data breaches and compromised a total of 3.6 billion data records in early 2018.
After this, the most notable source of the breaches was accidental data loss which was responsible for 34% i.e. 314 of the breach incidents. Though accidental losses are still an avoidable circumstance, the number has been on the decline over the past couple of years which is a good sign. The number of data records lost due to accidental loss were 1.6 billion in 2017 but witnessed a 47% drop to 879 million in 2018.
Other than these, the other sources of the data breaches included malicious insiders, hacktivists, and unknown which collectively contributed to 10% of the data breach incidents.
Moving on to the types of breach incidents, the primary concern was that of identity theft which was responsible for more than 3.9 billion compromised records and 65% i.e. 610 of the breach incidents. Such incidents are strikingly common in small and medium enterprises which fail to provide basic education on cybersecurity to their employees. The other most common types of breach incidents included account access and financial access which accounted for 17% i.e. 166 and 13% i.e. 123 of the breach incidents.
Gemalto has reported one bright side to all of these negatives on data breaches though. The report states that encryption is the best cybersecurity measures that companies have taken since only 2.2% of the data breaches occurred within organizations where encryption was in place. Furthermore, the data records that were stolen from these organizations were rendered useless and inaccessible due to the encryption used.
To summarize, Gemalto’s 2018 Breach Level Index report states that data breach incidents are on the rise with 945 incidents and 4.5 billion data records stolen so far in 2018 with the most incidents occurring in North America, the most common type of incident being identity theft, and the most frequent source of attack being malicious outsider attacks.