Gemalto, the world leader in digital security, released the latest findings of the Breach Level Index, revealing that 2.6 billion records were stolen, lost or exposed worldwide in 2017, an 88% increase from 2016. While data breach incidents decreased by 11%, 2017 was the first year publicly disclosed breaches surpassed more than two billion compromised data records since the Breach Level Index began tracking data breaches in 2013.
Over the past five years, nearly 10 billion records have been lost, stolen or exposed, with an average of five million records compromised every day. Of the 1,765 data breach incidents in 2017, identity theft represented the leading type of data breach, accounting for 69% of all data breaches. Malicious outsiders remained the number one cybersecurity threat last year at 72% of all breach incidents. Companies in the healthcare, financial services, and retail sectors were the primary targets for breaches previous year.
However, government and educational institutions were not immune to cyber risks in 2017, making up 22% of all breaches.
Data Breaches by Type
Identity theft was the leading type of data breach, accounting for 69% of all incidents constituting 26% of breached data in 2017.
The second most prevalent type of breach was access to financial data (16%).
The number of lost, stolen or compromised records increased the most for nuisance type of data breaches (560%) which constituted 61% of all compromised data. Account access and existential type breaches decreased both in incidents and records from 2016.
Data Breaches by Industry
In 2017, the industries that experienced the most substantial number of data breach incidents were healthcare (27%), financial services (12%), education (11%) and government (11%). Regarding the number of records lost, stolen or compromised, the most targeted sectors were government (18%), financial services (9.1%) and technology (16%).
Data Breaches by Source
Malicious outsiders were the leading source of data breaches, accounting for 72% of breaches, however, making up only 23% of all compromised data. While the accidental loss was the cause of 18% of data breaches, it accounted for 76% of all compromised records, an increase of 580% from 2016.
Malicious insider breaches were 9% of the total number of incidents, however, this breach source experienced a dramatic increase (117%) in the number of compromised or stolen records from 2016.
The Breach Level Index
A global database that tracks and analyzes data breaches, the type of data compromised and how it was accessed, lost or stolen. Based on data breach reports collected in the Breach Level Index, the primary 2017 highlights include:
Human error; a significant risk management and security issue: Accidental loss, consisting of improper disposal of records, misconfigured databases, and other unintended security issues, caused 1.9 billion records to be exposed. A dramatic 580% increase in the number of compromised records from 2016.
Identity theft is still the number one type of data breach: Identity theft was 69% of all data breach incidents. Over 600 million records were impacted resulting in a 73% increase from 2016.
Internal threats are increasing: The number of malicious insider incidents decreased slightly. However, the number of records stolen increased to 30 million, a 117% increase from 2016.
What a nuisance: The number of records breached in nuisance type attacks increased by 560% from 2016. The Breach Level Index defines a data breach as a nuisance when the compromised data includes necessary information such as name, address and phone number.
The more extensive ramification of this type of breach is often unknown, as hackers use this data to orchestrate other attacks.